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1 

Introduction 



Thischapter i introduces the I ntraC ore™ Architecture, then gives a description 
of the I ntraC ore 6524. T here are also tables of the key features, default setti ngs, 
and specificationsof the I ntraC ore6524, and explanations of thedifferent LED 
indicators. 

IntraCore Architecture Overview 

Asante has developed the I ntraC ore Architecture to meet the needs of multi- 
service networks that support all networking applications and datatypes.The 
architecture is standards-based and provides 

□ multi-vendor interoperability 

□ a migration path from current systems 

□ investment protection 

With thelntraCoreArchitecture, Asante has found innovative ways of 
embracing industry standards and technology advances to create products 
capableof meeting real world requirements for converged, multi-service 
networks. 

Theoverall design incorporates a family of tightly integrated ASICs, designed as 
system building blocks. These building blocks enable the rapid development of 
advanced networking systems that are timed to meet market requirements. The 
architecture ensures consistent high performance as systems scale their capacity 
and feature capability. This approach extends the useful life of the system and 
protects customer investments. 

The Core Switching Engine 

T he C ore Switchi ng E ngine is the centerpiece for al 1 1 ntraC ore products. Based 
on advanced silicon ASICs, the Core Switching Engineisahigh performance, 
non-blocking, multi-gigabit switching fabric with scalable bandwidth capacity. 
The Core Switching Engine is data format independent and can support either 
frame-based or cell-based interfaces. This capability is becoming increasingly 
important as enterprise (primarily frame-based) and service provider (primarily 
cell-based) networks move closer together. 
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Infrastructure Connectivity 

The second key element of the architecture is I nfrastructure C onnectivity. 
I ntraC ore specifies standards based, high performance, cost effective 
technologiesfor connectivity among devices in the network. 

In the LAN - 

At the network edge, Layer-2 switched 10/100/1000 Ethernet meets the 
requirements for high-speed connectivity of desktop computers and scalable, 
cost effective data transmission for trunks to the network core. 

In the network core, Layer-2/3-l-switched 10/100/1000 Ethernet meets the 
requirements for high-speed, scalable, cost effective data transmission and 
support for all multi-service data types. H igh performance servers can be 
centrally located for added physical security. 

Throughout the LAN , advanced queuing techniques combined with multiple 
priority levels and support for industry standard 802. 1Q and 802. lp enable 
Q uality of Service within the network. 

In the MAN/WAN - 

Long haul Gigabit Ethernet, ATM , and Packet over SON ET meet the 
requirements for all of thefollowing: 

□ scalable, cost-effective data transmission 

□ support for all multi-service data types 

□ service provider inter-operability 
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Network Management, Security, Performance, and 
Control 

I ntraC ore includes a rich suite of features required for the effective 
management, security, performance, and control of the network. The following 
table illustratesthefeatures and standards supported by the IntraCore 
Architecture. 



Feature 


Manage- 
ment 


Security 


Perfor- 




Web Browser M anagement 


Supported 








SNMP, RMON 


Supported 




Supported 


Supported 


Standard M IBs 


Supported 




Supported 


Supported 


802. IP Priority 






Supported 


Supported 


802.10 VLAN Tagging 


Supported 




Supported 


Supported 


802. ID - SpanningTree 




Supported 


Supported 


Supported 


IGMP VI, V2 Snooping 






Supported 


Supported 


RSVP Snooping 






Supported 


Supported 


Duplicate IP addr. detection 


Supported 


Supported 






Station movement notification 


Supported 


Supported 






IP to MAC address binding 


Supported 


Supported 






Controlled management access 




Supported 






GARP M ulticast Registration 
(IntraCore 8000/9000, only) 






Supported 


Supported 


GVRP (Group VLAN Registra- 
tion Protocol - IntraCore 8000/ 
9000, only) 


Supported 




Supported 


Supported 


Advanced Port Configuration: 
Broadcast& M ulticast rateiimit 
& port priority 
(IntraCore 8000/9000, only) 


Supported 




Supported 


Supported 



Table 1 -1 Summary of IntraCore's supported features 
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The IntraCore Product Family 

T he Asante I ntraC ore Architecture is the basis for a family of switching system 
products in fixed, stackable, and chassis form factors that allow customers to 
integrate telephony, video and data applications. Initially, theoffered systems 
provide high performance, high port-count, Layer-2 switching. Additional 
configurations will be introduced to offer advanced Layer-3 and above routing, 
traffic classification, advanced QoS, higher bandwidth and port capacity. All 
systems will be consistent in their operation and management allowing 
customers to seamlessly deploy any model in their network. 

Edge Switches 

Edge Switches provide the first point of connectivity to the network. 
Connectingto an Enterprise Switch in thenetwork core, EdgeSwitchesprovide 
aggregation of traffic from desktop computers over high capacity trunks. 

Asante has introduced the following productsin the Edge Switch category: 

□ IntraCore 8000 

□ IntraCore 6524 
Enterprise Switches 

In thenetwork core, Enterprise Switches are deployed to aggregate traffic from 
wiring closets and provide high-speed connectivity to network servers. Typically 
these switches are modular in form, and can be easily upgraded or reconfigured. 
This flexi bi I ity provides for customized configurations to meet a wide variety of 
requirements. The initial product introduced in this category is the IntraCore 
9000. 
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The IntraCore 6524 

The IntraCore 6524 is a high performance solution for enterprise edge 
applications. Thefront panel of each switch includes24 10/100 RJ -45 Ethernet 
ports and two SC -connector G igabit fiber ports. T he system can operate as a 
stand-alone network or be used in combination with other IntraCore series 
switches in the backbone. 









6824-2G 




Figure 1-1 


T he 1 ntraC ore 6524 front panel 








Figure 1-2 


T he 1 ntraC ore 6524 back panel 





Features 

The following table lists the major features of the IntraCore 6524 switch. 



Feature 


Description 


ASIC -Based Architecture 


ASIC -based packet processing provides wire speed performance 
on all interfaces. 


H igh Performance 
6.4 G bps Backplane 


The system supports current requirements for multi-service voice, 
video, and data applications with bandwidth to spare. 


M ultiple Priority Queues 


The "application aware" system ensures that mission critical appli- 
cations get the bandwidth and priority they need, even under 
heavy traffic conditions. When network congestion occurs, low 
latency requirements are managed by the system. 


GBIC Modules for Giga- 
bit Ethernet M edia Flexi- 
bility 


The two GBIC Gigabit Ethernet modules can be configured with 
any combination of 1000SX, 1000LX or 1000LX (Long H aul) 
GBIC interfaces. Either Asante or third party GBIC interfaces can 
be used, and the interfaces can be "hot swapped. "This means that 
GBIC interfaces can be re-deployed based on the user's applica- 
tions. 


Installation Options 


The system can be rack-mounted to save space. 
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Security 


Node summary tracks MAC and IP addresses per device, for mul- 
tiple devices on each port. The Port Security feature provides per- 
port security, allowing the network manager to specify which 
MAC is authorized on each port. Only the device with that MAC 
address is allowed to connect to that specific port. 


Web Based M anagement 


Built-in Web-based interface isprovided for chassis management, 
module management, port-level control, and monitoring. The 
IntraC ore 6524 can also bemanaged viaTelnet, Console, or third 
party SN M P console. 


VLANs 


Supports up to 64 port-based VLANs(IEEE 802.10 compliant) 
for security, logical network design, and the control of broadcast 
traffic. The 802.10 standard specifiesV LAN tagging for trunking 
VLANsfrom switch to switch, or switch to router. Compatible 
with all 802.10 equipment for easy integration into existing net- 
works. 


M ulti cast Control 


The IntraC ore 6524 supports standards based IGM P snooping for 
control of multicast traffic generated by bandwidth-hungry appli- 
cations such as video, ensuring maximum application and net- 
work performance. 


RM ON 


The administrator can use an RMON probe for in-depth traffic 
analysis, with support for four groups of RMON. 


SpanningTree Protocol 


SpanningTree Protocol (STP) detects and eliminatesdata loops to 
prevent broadcast storms from overwhelming your network. 


Y2K compliance 


All IntraC ore series modules are Y2K compliant. 



Table 1-2 IntraCore 6524 Features 
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Defaults and Specifications 

T he I ntraC ore 6524 is shi pped with the following factory default setti ngs and 
specifications: 



Configuration 


Default Setting 


Backplane Speed 


6.4Gbps 


Switching Method 


Store- and-forward 


Forwarding Rates: 
(64 byte packets) 


Switched 10M bps = 14,880 pps 
Switched 100M bps = 148,810 pps 
Switched 1000M bps = 1,488,100 pps 


Buffer Size 


8M B 


MAC AddressTable 


16K for MAC addresseson SRAM 


Full-Duplex 


Standards-based auto-negotiation enabled 


VLAN 


64 port-based VLAN s, GVRP support, 802. 1Q VLAN Tagging 


SpanningTree Protocol 


802.1D, enabled 


Priority 


802. lp, 8 levels mapped to 4 queues 


RM ON 


Groups 1-3, 9 


SNMP 


M 1 B-l 1 , Bridge M 1 B, RM O N M 1 B, Asante private M 1 Bs 


Console Baud Rate 


9600 


Password 


Asante 



Table 1-3 Defaults and Specifications 
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LEDs 

Thefollowing indicator lights are used on the I ntraC ore 6524. 





Color and Meaning 


Power 


Green - Power ison when lit 


Link/Speed 


Green - 100M bps 
Amber - 10M bps 


Duplex/Activity 


Green -Full Duplex 
Amber - H alf Duplex 
Blinking - Active 


Link (Gigabit Ports) 


Green - Connection and link have been made 
Blinking - Active 



Table 1-4 LEDs and their meanings 
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Installation and Setup 



T his chapter explainshow to install, connect, and configure the I ntraC ore 6524 
chassisand modules to work with your network. It also explainshow to set up 
your IntraCore 6524 for management, either from a console, via telnet, via 
SN M P, or by using a Web browser. 

Installation Guidelines 

Thefollowing guidelines will help you prepare to install your IntraCore 6524 in 
such a way that it has the proper power supply and environment. 

Power Requirements 

The source electrical outlet should be installed near the IntraCore 6524 and 
easily accessible. It must also be properly grounded. 

M ake sure the power source adheres to thefollowing guidelines: 

□ Input voltage range: 90 to 254 VAC 

□ Frequency range: 47/63 H z 

□ Maximum input AC Current: 2.0A at 115 VAC full load 
Environmental Requirements 

The IntraCore 6524 must be installed in aclean, dry, dust-free area with 
adequate air circulation to maintain thefollowing environmental limits: 

□ Operating Temperature: 0° to 40° C (32° to 104° F) 

□ Storage Temperature: -40° to 70° C (-40° to 158° F) 

□ Relative H umidity: 8% to 90% non-condensing 

□ SortgageRH : 0% to 95% non-condensing 

□ Storage Temperature: 5% to 85% non-condensing 

Avoid direct sunlight, heat sources, or areas with high levels of electromagnetic 
interference. 
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Cooling and Airflow 

Do not restrict airflow by covering or obstructing air vents on the sides of the 
IntraCore 6524. 

Installation Overview 

Thetablebelow shows the steps to install the IntraCore 6524. The steps that 
are optional are labeled "optional" and the steps that are required are labeled 
"required. "The sections that follow explain each step in detail. 





Action to Be Taken 


1 (Required) 


0 pen the box and check the contents See the Package C ontents sheet 
for a complete list of the items included with your I ntraC ore 6524. 


2 (Required) 


Install the IntraCore 6524 chassis in an equipment rack or wall rack, or 
prepare it for desktop placement. See page 2-3. 


3 (Required) 


Connect the power supply. See page 2-6. 


4 (Required) 


Connect network devices to the IntraCore 6524. See page 2-7. 


5 (Required) 


Configure the IntraCore 6524 for management capabilities. 
See page 2-8. 



Table 2-1 Installation Overview 
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Chassis Installation/Placement 

ThelntraCore6524 can Deinstalled in astandard 19-inch equipment rack. It 
can also be placed on a stable horizontal surface. 

▲ Theequipment rack or desk on which you install your 
lntraCore6524 must be secure and stable. Equipment racks 
must be fastened to the floor; desks must be resting on a 
flat, stable surface. 

Installation in an Equipment Rack 

To install the unit in an equipment rack, use the following procedure: 
Safety Precautions for Rack Installation 

▲ Important! Before continuing, disconnect all cablesfrom 
the lntraCore6524. 



Equipment Rack Guidelines 



Guideline 


Specification 


Size 


Width; 17.75 inches (45. 1cm). 

Depth: 19.25 inches(48.9 cm) to 32 inches(81.3 cm). 


Ventilation 


Ensure that the rack is installed in a room where the temperature remains 
below 40° C (104° F). Ensure also that there are no obstructions such as 
other equipment or cables, blocking airflow to or from the IntraCore 6524 
vents. 


Clearance 


In addition to providing clearance for ventilation, ensure that there is ade- 
quate clearance for servicing the 1 ntraC ore 6524 from the front. 



Table 2-2 Equipment Rack Guidelines 
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Equipment Rack Installation Procedure 

To mount the I ntraC ore 6524 in an equipment rack: 

1 Place the I ntraC ore 6524 on aflat, stable surface. 

2 Locatea rack-mounting bracket (supplied) and placeitover 
themounting holes on onesideof theunit. 

3 Insert six screws (supplied) into the holes and tighten with a 
Phil lips screwdriver. Do not use fewer than sixscrewsfor 
this mounting. 

4 For the other side of theunit, repeat the two previous steps. 

5 Place the unit in theequipment rack. 

6 Secure the unit by screwing its mounting brackets to the 
equipment rack. Useaminimum of four screws for this 
purpose. 

▲ Important! M ake sure the unit is supported until all 
themounting screws for each bracket are secured to the 
equipment rack. Failure to do so could causetheunitto 
fall, resulting in personal injury or damage to theunit, 
or both. 

Free-Standing/Desktop Placement 

ThelntraCore6524 has four rubber feet on the bottom of the case that allow 
for free-standing placement of theunit. 

For free-standing/desktop placement: 

1 Attach the four rubber pads (supplied) to the bottom of 
each corner of the I ntraC ore 6524 case. 

2 Placethe unit on aflat surface with aminimum areaof 
17.1" x 13.5" (434.3 mm x 342.9 mm) and support capac- 
ity of 22lbs(10kg). 

3 M ake sure there is enough ventilation space between the 
IntraCore 6524 and surrounding objects. 
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Installing GBIC Interfaces 

If you have installed Gigabit Ethernet switch modules, you must install GBIC 
interfaces. I nstructionsfor installing, removing, and maintaining GBIC 
interfaces are provided in this section. 

♦ Note: GBICsarehot-swappable. 

Installing a GBIC 

To install a GBIC interface into a Gigabit Ethernet module: 

1 RemovetheGBIC from its protective packaging. 

2 Gripthesidesof theGBIC with yourthumb and forefinger, 
then insert theGBIC into theslot on the face of the Gigabit 
Ethernet module. 

3 Slide theGBIC into theslot until you hear or feel aclick. 
Theclick indicates that theGBIC islocked into theslot. 

4 W hen you are ready to attach the fiber-optic cable, remove 
theplugsfrom theGBIC and save them for future use. 

Removing a GBIC 

To removeaGBIC interface from a G igabit Ethernet module: 

1 Disconnect the fiber-optic cable from theGBIC SC-type 
connector. 

2 Release the GBIC from theslot by simultaneously squeez- 
ing the plastic tabs on both sides of theGBIC. 

3 Slide the GBIC out of the slot. 

4 Install theplugsin theGBIC optical bores, and place the 
GBIC in protective packaging. 
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GBIC Care and Handling 

Follow theseGBIC maintenance guidelines: 

□ Unnecessary removal and insertion of aGBIC can lead to its prema- 
ture failure. A GBIC hasalifetimeof 100 to 500 removals/insertions. 

□ GBICs are static-sensitive. To prevent ESD damage, follow your nor- 
mal board and component handling procedures. 

□ GBICs are dust-sensitive. When the GBIC is stored or when a fiber- 
optic cable is not plugged in, always keep plugs in the GBIC optical 
bores. 

□ Use an alcohol swab or Kim-Wipe to clean the ferrules of the optical 
connector. The most common source of contaminants in the optical 
bores is debris picked up from the optical connectors. 

Connecting Power 

To connect power to the I ntraC ore 6524, use the following procedure: 

▲ Important! Carefully review thepower requirements on 
page 2-1 before connecting power to the I ntraC ore 6524. 

1 Plug one end of the supplied power cord into the power 
connector on the back of the unit. 

2 Plug the other end into a grounded AC outlet. 

Thefront panel LEDsblink and the Power LED illumi- 
nates. The I ntraC ore 6524 is ready for connection to the 
network. 

▲ Important! If the power does not come on, refer to 
Appendix A, "Troubleshooting." 
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Connecting to the Network 

ThelntraCore6524 unit may be connected to an Ethernet network, with the 
unit either powered on or off. Use the following procedure to makeyour 
network connections. 

1 Connect network devicesto thelntraCore6524, following 
the cable guidelines outlined below. 

2 After the unit is connected to the network, it can be config- 
ured for management capabilities. See "Configuring for 

M anagement" on page 2-8. 

10/100BaseX Ports Cabling Procedures 

The 24 10/100 ports on the I ntraC ore 6524 allow for the connection of 
lOBase-T or 100Base-TX network devices.Theportsarecompatiblewith 
IEEE 802.3 and 802. 3u standards 

▲ Important! T he I ntraC ore 6524 must be located within 
100 meters of its attached lOBase-T or 100Base-TX 
devices. 





Network Station 


Category 5 UTP (Unshielded Twisted-Pair) straight-through cable 
(100 meters maximum) with RJ -45 connectors. 


Repeater/H ub/Switch 


Category5, UTP cross-over cable (100 meters maximum) with RJ- 
45 connectors. 


Repeater/H ub/Switch's 
Uplink port 


Category 5, UTP straight-through cable (100 meters maximum) 
with RJ -45 connectors. 



Table 2-3 1 0/1 OOBaseTX cabling requirements 
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1000BaseX Ports Cabling Procedures 

Cabling requirements for the 2-port Gigabit Ethernet modules depend on the 
type of G BIC interface that has been installed. Use thefollowing chart to 
determine the cabling requirements for your G BIC. 



Connecting To 


Cable Required 


lOOOBaseSX GBIC 


Cables with SC -type fiber connectors: 62.5 micron multimode 
fiber media up to 275 meters long, or 50 micron multimode fiber 
media up to 550 meters long. 


lOOOBaseLX Long 
Haul GBIC 


Cables with SC-typefiber connectors: 10 micron single mode fiber 
media up to 100 kilometers long. 


lOOOBaseLX GBIC 


Cables with SC-typefiber connectors: 10 micron singlemodefiber 
media up to 5 kilometers long. 



Table 2-4 1 0OOBaseX cabling requirements 



Configuring for Management 

To usethelntraCore6524 as a managed switch, the IntraC ore 6524 must be 
configured with an IP address. You can accomplish this configuration in one of 
two ways: 

□ automatically using BootP (default) 

□ manually via the unit's Console port 

▲ I mportant! For security reasons, you should also change 
theSN M P community strings before putting the IntraC ore 
6524 on your network. For instructions, see "Changing 
Community Strings" on page 3-17. 

BootP Configuration 

The IntraC ore 6524 is shipped with BootP support. If your network containsa 
BootP server configured with available, valid IP addresses, BootP allows the 
IntraC ore 6524 to be configured automatically with an IP address when the 
IntraC ore 6524 is connected to the network and is powered on. 

▲ Important! BootP configuration works only if the 
IntraC ore 6524 does not have an IP address assigned to it. 
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Use the following procedure to set up BootP: 

1 M akesureyour network hasa BootP server configured with 
a valid IP address entry for the I ntraC ore 6524. 

2 When the I ntraC ore 6524 is connected to the network and 
is powered on, it automatically transmits a BootP request 
across the network (up to 10 times) until it receives a valid 
IP address from the BootP server. 

3 After an IP address is received, the I ntraC ore 6524 can be 
managed via in-band access. For more information, see 
Chapter 3, "Configuration." 

To verify that avalid IP address was received, try to 'ping' the I ntraC ore 6524. 
If you can access the I ntraC ore 6524, it is properly configured with an IP 
address. 

For more information on using BootP, see "Bootstrap Configuration" on 
page 3-12. 

Connecting To a Console 

To make the cable connection from a terminal to the console port of the 
I ntraC ore 6524use the following procedure: 

1 Using a straight-through RS-232 cable with a 9-pin male 
D -subminiature plug at one end, connect a terminal or 
workstation (PC or Macintosh) running a terminal emula- 
tor to the console port on the back of the I ntraC ore 6524. 

2 M ake su re both u n i ts are powered on . 

If using a PC with a terminal emulator, make sure it is con- 
figured with thefollowing terminal settings: 

□ Baud: 9600 

□ Data Bits: 8 

□ Parity: None 

□ Stop Bits: 1 

□ Flow Control: None 

3 0 nee connected, the Local M anagement M ain M enu 
appears on the terminal screen. 
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For further information on setting an IP address for configuration of a terminal, 
or a computer running a VT 100 terminal or emulator (such as H yperTerminal, 
ProComm, orZTerm), see "System IP Configuration" on page 3-10. 



Management Options 

ThelntraCore6524 can be managed using any of the following methods: 





Type 


Description 


Console 


Out-of-band 
management 


Local connection to the IntraC ore 6524 via the console 
port 


Telnet 

(four sessions maxi- 
mum) 


In-band 
management 


Remote connection over the network to the 1 ntraC ore 
6524 via telnet session 


HTTP Server 


In-band 
management 


Remote connection to the 1 ntraC ore 6524 via a Web 
browser 


SNMP-Based Network 
M anagement Software 


In-band 
management 


Remote connection to the 1 ntraC ore 6524 via any 
SN M P-based network management application 



Table 2-5 Management Methods 
Therest of this section describes how to connect to the IntraC ore 6524 using 
either out-of-band or in-band management. 



Out-of-Band Management 

Out-of-band network management allows you to configure, manage, and 
monitor the IntraC ore 6524 and all of the installed modules. You can perform 
these functions by attaching a terminal (or a terminal emulator) to the Console 
port on themanagement engineand using the menu-driven Local M anagement 
Interface. 

Out-of-band network management is guaranteed even when the in-band 
Ethernet network is down. 

To access the IntraC ore 6524 Local M anagement Interface using out-of-band 
management, first follow the procedure in "Connecting To a Console" (above), 
then follow the instructions in "Local M anagement Interface" on page 3-2. 
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In-Band Management 

In-band network management allows you to configure, manage, and monitor 
the I ntraC ore 6524 over the Ethernet network. 

You can manage the I ntraC ore 6524 by: 

□ Connecting with a telnet program and using the Local M anagement 
Interface 

□ Connecting with any World Wide Web browser, and using the Web 
M anagement I nterface 

□ Connecting with any SN M P-based network management applica- 
tion and using its interface 

To manage the IntraC ore 6524 via in-band management, use the following 
procedure: 

1 M ake sure the network to which the IntraC ore 6524 is con- 
nected is functioning. 

2 M ake sure the IntraC ore 6524 is configured with valid IP 
information. See "Configuring for M anagement" earlier in 
this chapter. 

3 Connect to the IntraC ore 6524 via telnet, with a Web 
browser, or with any SN M P-based network management 
application. 

Telnet 

Use a network connection to any PC and enter the telnet command to 
access the I ntraC ore 6524. T he password prompt of the Local M anagement 
I nterface appears. Follow the instructions in "Local M anagement Interface" on 
page 3-2. 

♦ Note Almost all management screens using a telnet connec- 
tion are identical to those of the out-of-band console inter- 
face. On theM ain M enu, however, there is a q option for 
closing the connection to the I ntraC ore 6524. 
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Web Browser 

For information on managing the I ntraC ore 6524 with aWeb browser, refer to 
Chapter 5, "Web Browser M anagement." 

▲ Important! TheWeb browser interface to thelntraCore 
6524 is disabled by default. 

SNMP-Based Management 

For information on managing thelntraCore 6524 with SN M P-based 
management software, refer to C hapter 4, "Advanced M anagement," and your 
SN M P software manual. 

T he Asante private M IB for thelntraCore 6524 is avail able from theAsanteftp 
site, ftp://ftp.asantecom/M I BS/, or you can copy it from the I nstallation C D - 
ROM. 

Access to Remote N etwork M onitoring (RM 0 N ) features is avail able only by 
using an SN M P manager. See"SN M P and RM ON M anagement" on page 4-7 
for details. 
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This chapter describes how to manage the I ntraC ore 6524 using the Local 
M anagement Interface via an out-of-band console connection or an in-band 
telnet connection. 

Thischapter contains thefollowing sections: 



□ 


Local M anagement Interface 


□ 


Viewing General Information 


□ 


Configuration M enu 


□ 


System Administration Configuration 


□ 


System IP Configuration 


□ 


Bootstrap Configuration 


□ 


SN M P Configuration 


□ 


Port Configuration 


□ 


Advanced Port Configuration 


□ 


Global Port Configuration 


□ 


Unicast Forwarding Database Configuration 


□ 


Port M irroring Configuration 


□ 


Image File Downloading Configuration 


□ 


System Reset Configuration 


□ 


Viewing the System Log 


□ 


U ser 1 nterface C onfiguration 


□ 


Viewing Statistics 



Page 3-1 



Configuration 



Local Management Interface 

ThelntraCore6524 Local M anagement Interface is a menu-driven application 
that allows you to configure, manage, and monitor the and each of the ports in 
its different modules. 

The Local M anagement Interface can be accessed via two methods: 

□ Out-of-band connection to the Console port 

□ In-band connection viaTelnet (four sessions maximum) 

For instructions on how to connect to the I ntraC ore 6524, see "M anagement 
Options" on page 2-10. 

The rest of this chapter describes the Local M anagement Interface. 
Logging In 

W hen you connect to the Local M anagement Interface, the "Enter Password" 
prompt appears. Enter your password, then press Return. T he M ain Menu 
appears. 

▲ Important! T he default password is Asante. The pass- 
word is case- sensitive; enter it exactly as shown. For infor- 
mation on changing the password, see "Changing the 
Password" on page 3-48. 
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Main Menu 

After logging in, theM ain M enu appears, as shown in Figure 3-1. 





IntraCore 


6524 


Local Management System Version 1 . 02D 


Compiled Date: 


Jun 23 2000 19:53:29 


Asante Technologies, Inc. 


Copyright 


(c) 


1999 Asante Technologies, Inc. 


Main Menu 






<Cmd> 




<Description> 


g 




General Information 


c 




Configuration 


s 




Statistics 


q 




Close connection 


Command> 







Figure 3-1 Local M anagement M ain M enu 
From the Main Menu, you can access three submenus: 

□ General Information (see page 3-4) 

□ Configuration (see most of this chapter) 

□ Statistics (see page 3-50) 

Ifyou are using Telnet, afourth option for closing the connection is available 
as well. 

Accessing a Submenu 

To access a submenu, typethecommand letter that corresponds with theoption 
you need to use. For example, type g for General Information. 

Exiting a Submenu 

To exit a submenu, type q. 

To exit a command line without changing the configuration setting (e.g., the 
"Set Password" option in theUser Interface Configuration M enu), press ctrl-c. 
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Viewing General Information 

TheGeneral Information Screen displays the current operating information of 
the IntraC ore 6524, such asitsname, IP address, and boot information. 

To view General Information, typegfrom theM ain M enu. A screen similar to 
Figure 3-2 appears. 



IntraCore 6524 General Information Menu 

System up for: OOOday(s), 00hr(s), 43min(s), 47sec(s) 
Software Version 

Bank 1 Image Version/Date: l.OOE/Aug 23 2000 19:04:37 

Bank 2 Image Version/Date: 1. OOF /Aug 24 2000 14:09:25 (Running) 
System Information 

PROM Image Version/Date: 1.04 /Aug 10 2000 19:38:11 

DRAM Size: 16.0MB Flash Size: 8.0MB 

EEPRCM Size: 32KB Console Baud Rate: 9600 bps 

Administration Information 

System Name: Asante IntraCore Switch 

System Location: ZLabs Head Office 

System Contact: CLB 
System MAC Address, IP Address, Subnet Mask and Router 

MAC Address: 00 : 00 : 94 :C6:F3:EF 

IP Address: 192.168.52.208 

Subnet Mask: 255.255.255.0 

Router: 192.168.52.1 
Bootstrap Configuration 

Boot Load Mode: LOCAL 



Press any key to continue . . . 



Figure 3-2 G eneral I nformation screen 
♦ Note: The information displayed on this screen is read-only. 
To exit theGeneral Information Screen, press any key on your keyboard. 
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Table 3-1 describes each parameter in theGeneral Information screen. 





System Up Time 


Theamountof time the system has been running since last reset 

nr nnwpr nn 
ui puwta uii. 


Ranl^ 1 1 mario \/prcinn/ 
D dl 1 1\ l ill l dye v Cl j\ Ul 1/ 

Date 


T hp wprcinn anrl rnmni laHnn Hafp nf fhp n mfrimp rnrlp ("hat" ic 

1 1 IC VCJ j\ Ul 1 ul IU LUI 1 IUI IQLIUI 1 UdLC Ul LI IC 1 Ul 1 LI 1 1 1 C LUUC LI 1 dL 13 

stored in Bank 1. "(Running)" indicates code is currently active. 


Ranl^ 9 1 manpVprcinn/ 

D ul Irs L III IdLjc V Cl Dl Ul 1/ 

Date 


T hp wprcinn anrl rnmni laHnn Hafp nf fhp ri mHmp rnrlp fhaf ic 

1 1 IC VCI Dl Ul 1 dl IU LUI 1 1L>I 1 dLI Ul 1 UdLC U 1 LI IC 1 Ul ILI 1 1 1 C LUU C LI 1 dL ID 

stored in Bank 2. 


Prnm lmanp\/pr/n afp 
r i ui 1 1 1 1 1 1 dye v ci / u dLc 


T hp wprdnn anrl rnmni 1 afinn rlafp nf fhp PRO M 

1 lie VCI Dl Ul 1 dl IU LUI 1 \ yJ \ 1 dLI Ul 1 UdLC Ul LI IC r r\ \J \ v \ . 


DRAM c ii7P 
u r\M i v i 


T hp ci7P i n mpnah\/fpc (M R^ nf fhp i mif'c n \/nami r R anrlnm 
i i ic di z.c 1 1 1 1 1 icyduy lcd \ i u i □ / ui uicuiiiLDLjyiidiMiL r\diiuuni 

Access M emory. 


EEPRO M Size 


Thesizein megabytes(M B) of theunit'sEEPROM . 


Flash Size 


The size, in M B, of the switch's flash memory, or non-volatile 
RAM. 


Console Baud Rate 


T he current rate which data transfers to the console from the 
IntraC ore 6524. 


System N ame 


The name assigned to the IntraC ore for network purposes 


System Location 


The physical location of the 1 ntraC ore. 


System Contact 


Person responsible for configuration of the unit. 


MAC Address 


T he hardware address of the 1 ntraC ore 6524; this address cannot 
be changed 


1 P Address 


Theunit'sIP (Internet Protocol) address 


Subnet M ask 


T he 1 P subnet mask for the 1 ntraC ore 6524. 


Router 


The 1 P address of the default gateway router to which the switch 
belongs. 


Boot Load M ode 


The current method in use for loading the switch's software. 



Table 3-1 General Information settings 
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Configuration Menu 

The Configuration M enu allows you to manage and configure the I ntraC ore 
6524 and each of its ports. 

To access the Configuration M enu, type c from theM ain M enu. The 
Configuration Menu appears, as shown in Figure 3-3. 



IntraCore 


6524 Configuration Menu 


<Cmd> 


<Description> 


a 


System Administration Configuration 


i 


System IP Configuration 


b 


Bootstrap Configuration 


n 


SNMP Configuration 


P 


Port Configuration 


s 


Spanning Tree Configuration 


d 


Unicast Forwarding Database Configuration 


t 


Security Management 


V 


VLAN Management 


c 


IP Multicast Traffic Management 


m 


Port Mirroring Configuration 


f 


File Downloading Configuration 


r 


System Reset Options 


1 


System Log 


u 


User Interface Configuration 


q 


Return to previous Menu 


Coirmand> 





Figure 3-3 Configuration M enu 
Accessing a Submenu 

To access a submenu, type the command letter that corresponds with the 
configuration option you need to use. For example, type a for the System 
Administration Configuration M enu. 

Configuration Menu Options 

Table 3-2 describes each of the options in the Configuration M enu. 





System Administration 
Configuration 


D isplaysand allows you to change the name, location, and contact 
information for the IntraCore 6524. See page 3-8. 


System IP Configuration 


D isplaysand allows changing thel P Address of the IntraCore 
6524. This address is for network access to the switch. 
See page 3-10. 
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Menu Item (Cont.) 




Bootstrap Configuration 


Allows you to change boot bank and method for loading switch 
software, or change downloading parameters. See page 3-12. 


SN M P Configuration 


Displays and allows you to change the SN M P (Simple Network 
M anagement Protocol) parameters of the IntraC ore 6524 such as 
read/write community strings See page 3-16. 


Port Configuration 


Allows you to configure manually each of the switch's ports for 
speed, connection, link mode, and auto-negotiation. Also displays 
overall port status. See page 3-20. 


SpanningTree Configu- 
ration 


Displays and allows you to change SpanningTree parameters, to 
makesureyou prevent loopsin network paths See page 4-1. 


Unicast Forwarding 
Database Configuration 


Allows you to display theforwarding database, search thedatabase 
for M AC or 1 P addresses, or set the age-out time for M AC 
addresses. See page 3-30. 


Security M anagement 


Allows you to use various features such as Duplicate IP traps, for 
port security. See page 4-9. 


VLAN M anagement 


Allows you to set up virtual networks. See page 4-18. 


IP Multicast Traffic 
M anagement 


Allows you to set up group transmission. See page 4-37. 


Port M irroring 
Configuration 


Allows you to set a mirror port so that you can connect a traffic 
analyzer to the switch and monitor traffic on the mirrored port. 
See page 3-34. 


File Downloading Con- 
figuration 


Allows you to download an image file for the purpose of upgrad- 
ing the 1 ntraC ore 6524 software. See page 3-37. 


System Reset Options 


Allows you to reset the switch by a "warm" reboot, or arrange for 
an automatic reset up to 24 hours in advance. See page 3-43. 


System Log 


Allows you to view a record of any major system events or errors 
that have occurred on the 1 ntraC ore 6524. See page 3-45 


User Interface Configu- 
ration 


Allows you to set the idle time-out period and password for console 
and telnet access, and enableordisableHTTP access. See page 3-46. 


Return to Previous M enu 


Allows you to exit the Configuration Menu and return to the 
M ain M enu. 



Table 3-2 Configuration Menu Options 

M ost of the configuration options are described in detail in the rest of this 
chapter. The more advanced options are discussed in Chapter 4, "Advanced 
M anagement." 
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System Administration Configuration 

TheSystem Administration Configuration M enu displays and allows you to 
change the name of the I ntraC ore 6524, its location, and the contact 
information. 

To access the System Administration Configuration M enu, type a in the 
Configuration M enu. A screen similar to Figure 3-4 appears. 



IntraCore 6524 System Admin. Configuration Menu 


Description 


Asante Technologies, Inc. IntraCore 6524-2G 


Versions: 


FW(l.OOF) 


Object ID: 


1.3.6.1.4.1.298.2.2.24 


Name : 


Asante IntraCore Switch 


Location: 


ZLabs Main Office 


Contact : 


CLB 


<Cmd> 


<Description> 


n 


Set System Name 


1 


Set System Location 


c 


Set System Contact Information 


q 


Return to Previous Menu 


Command> 





Figure 3-4 System Administration Configuration M enu 



Current Settings 

The following table describes each setting on the System Administration 
Configuration M enu. 



Setting 




Name 


The name of the 1 ntraC ore 6524 (up to 64 characters, including 
spaces). 


Location 


Place where you have installed the IntraCore 6524 (up to 64 char- 
acters, including spaces). 


Contact 


T he name of the person or entity responsible for the 1 ntraC ore 
6524 (up to 64 characters, including spaces). 



Table 3-3 System Administration settings 
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Changing System Administration Info 

To change the name, location, or contact information for the I ntraC ore 6524, 
use the following procedure: 

1 Open theSystem Administration Configuration M enu by 
typing a in the Configuration Menu. 

2 Type the command letter of the item to be changed in the 
System Administration Configuration M enu. 

3 At the prompt, type the information you want to change. 

See Table 3-3 for a description of each parameter. 

♦ N ote: Each parameter is limited to 64 characters, 
including spaces. 

To cancel a selected option, press ctrl-c at the command 
prompt. 

4 Press Return. 

ThelntraCore6524 system administration information 
changes take effect. 

5 Type q to quit and return to the Configuration M enu. 
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System IP Configuration 

The System IP Configuration Menu displays and allows you to change the 
information needed to access the I ntraC ore 6524 over the network via in-band 
management. 

To access the System IP Configuration M enu, typei in the Configuration 
Menu. A screen similar to Figure 3-5 appears. 



IntraCore 


6524 System IP Configuration Menu 


System MAC Address: 


00:00:92:CC:BB:AA 


System IP Address: 


192.168.54.240 


System Subnet Mask: 


255.255.255.0 


System Default Router: 


192.168.54.2 


<Cmd> 


<Description> 




i 


Set IP Address 




m 


Set Subnet Mask 




r 


Set Default Router 


q 


Return to Previous 


Menu 


Command> 







Figure 3-5 System IP Configuration Menu 
▲ Important! By default, each address is set to 0.0.0.0. 

Current Settings 

Table3-4 describes each setting on the System IP Configuration M enu. 





System 1 P Address 


ThelP (Internet Protocol) address of the IntraCore 6524. 


System Subnet M ask 


The filter that determines how the IntraCore 6524 1 P address is 
split into network and host portions. 


System Default Router 


T he 1 P address of the default router for the 1 ntraC ore 6524. 



Table 3-4 System IP settings 
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Changing System IP Information 

To change the IP address, subnet mask, or default router of the I ntraC ore 6524, 
use the following procedure: 

1 Open theSystem IP Configuration M enu by typing i in the 
Configuration M enu. 

2 Type the command letter of the option you want to change. 

3 Type the new address at the prompt. 

See Table 3-4 for a description of each address. 

▲ Important! Follow the format: 

number.number.number.number 
To cancel a change, press ctrl-c at the command prompt. 

4 Press Return. 

T he I P setti ng change for the I ntraC ore 6524 takes effect. 

5 Type q to quit and return to the Configuration M enu. 
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Bootstrap Configuration 

The Bootstrap Configuration M enu displays (and allows you to change) the 
bootstrap parameters used for loading the software for the I ntraC ore 6524 at 
startup, and for downloading a new version of software when one is issued. 

To access the Bootstrap Configuration M enu, typeb in the Configuration 
M enu. If the Load M ode is set to Local, a screen similar to Figure 3-6 appears. 



IntraCore 6524 Bootstrap Configuration Menu 


Bank 1 Image Version/Date: E/Aug 23 2000 19:04:37 (Running) 
Bank 2 Image Version/Date: F/Aug 24 2000 14:09:25 


Load Mode: 
Boot Bank: 


Local 
2 


<Cmd> 
r 
a 

q 


<Description> 
Set Load Mode to REMOTE 
Toggle Boot Bank 
Return to previous menu 


Command> 





Figure 3-6 Local Bootstrap Configuration Menu 



When the IntraCore 6524 is powered on, it load sits software via one of two 
methods: locally (via its internal flash memory, which is the default setting) or 
remotely over the network. 

▲ Important! T he default Load M ode setting for the 
IntraCore 6524 is Local. 

Image Banks 

The IntraCore 6524 has two banks to store its run time software. The banks are 
referred to as bank 1 and bank 2. 

Either of these banks may be the Boot Bank, which is the bank from which the 
runtime code will beloaded thenext time the IntraCore 6524 isbooted. 

When downloading new runtime image codes, you may specify either of the 
two banks as the Destination Bank in which thenew code will beloaded. 

Loading Software Locally 

The IntraCore 6524 will always boot locally unless you set it to boot load 
remotely (see "Loading Software Remotely" on page 3-13). It would then 
download thenew image code and reset to load locally. To specify the Boot 
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Bank the IntraC ore 6524 will use when it boots locally, use the foil owing 
procedure: 

1 Open the Bootstrap Configuration M enu by typing bin the 
Configuration M enu. 

2 Typea in theBootstrap Configuration Menu if you need to 
toggle the Boot Bank setting for the next boot. Typically, 
you will want to set the boot bank to be the one on which 
the latest version of the I mage resides. 

The IntraC ore 6524 is set to load software locally from its flash memory. This 
occurs whenever the unit is powered on or reset. 

Loading Software Remotely 

To set the IntraC ore 6524 to download its software over the network from a 
remote server, usethefollowing procedure: 

1 Open the Local Bootstrap Configuration M enu by typing b 
in Configuration M enu. 

2 Open the Remote Bootstrap Configuration Menu by typing 
r in the Local Bootstrap Configuration Menu. The menu 
appears, as shown in Figure 3-7. 



IntraCore 6524 Bootstrap Configuration Menu 


Bank 1 Image Version/Date: E/Aug 23 2000 19:04:37 (Running) 


Bank 2 Image Version/Date: F/Aug 24 2000 14:09:25 


Load Mode: 


Remote 


Boot Mode: 


TFTP only 


Boot Server 


IP: 192.168.54.150 


Boot File Name: c:\base\newcrc.ima 


Retry Count 


: 5 


Boot Bank: 


1 


<Cmd> 


<Description> 


b 


Set Boot Mode to BCOTP-TFTP 


t 


Set Boot Mode to TFTP only 


1 


Set Load Mode to LOCAL 


s 


Set Boot Server IP Address 


f 


Set Boot File Name 


c 


Set Remote Boot Retry Count 


a 


Toggle Boot Bank 


q 


Return to Previous Menu 


Command> 





Figure 3-7 Remote Bootstrap Configuration Menu 
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Current Settings 

Table 3-5 explainseach setting on the Remote Bootstrap Configuration M enu. 





Running Image Version/ 
Date 


The version and compilation date of runtime code that iscur- 
rently running on the 1 ntraC ore 6524. 


Load M ode 


The current method for loading software for the 1 ntraC ore 6524. 

Remote— Loads the image file from a server on the network. 

Local — Executes the software image file from theinternal flash 
memory of the IntraC ore 6524 (default setting; the IntraCore 
6524 automatically reverts to thissetting after downloading a new 
software file). 


Boot M ode 


The method for requesting the image file from the network. This 
option is available only if you have selected RemoteLoad Mode. 

BootP-TFTP - Sets the IntraC ore 6524 to request an 1 P address 
from a BootP server AN D to download the software's image file 
throughTFTP (Trivial FileTransfer Protocol). 

▲ 1 mportant! To use this option, the IntraCore 
6524 1 P address must be set to 0.0.0.0. 

T FT P 0 N LY - Sets the 1 ntraC ore 6524 to only download the 
software image file through T FT P. 

▲ Important! To usethisoption, theswitch must 
already have an assigned IP address and the Load 

M ode must be set to Remote. 


Boot Server 1 P 


The Internet Protocol (IP) address of theTFTP server providing 
theTFTP capabilities on your network. Not Available if Boot 
Mode is BootP-TFTP. 


Boot File Name 


The name of the file you are going to request for download. Not 
available if boot mode isBootP/TFTP. 


Retry Count 


Number of attempts the IntraCore 6524 makes to download the 
image file if errors occur. The default is 5. 


Boot Bank 


Number of the destination bank for the image file you are down- 
loading (1 or 2). 



Table 3-5 Bootstrap Settings 
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3 Type b to set the Boot M ode to BootP-T FT P, or type t to 
set Boot M ode to T FTP only. If you choose BootP-T FTP 
mode, the options for setting the IP Address of theT FTP 
server and the Boot File Name become unavailable; in this 
case, skip Steps 4-7 and go on to Step 8. 

4 Typesin theBootstrap Configuration M enu, to select the 
option Set Boot Server I P Address. 

5 At the prompt, type the IP addressof the remote boot server 
that contai ns the switch's software i mage file. T hen press 
Return. The Bootstrap Configuration Menu appears. 

6 Typef to select the option Set Boot File Name. 

7 Type the software's file name/network path at the prompt. 

8 Press Return. 

♦ Note: If you decide to useLocal Load M oderather 
than Remote, type I. The Local Bootstrap Configura- 
tion Menu appears, as shown in Figure 3-6. 

ThelntraCore6524 is now set to download its software remotely from the 
network. T his will occur the next time the unit is powered on or reset. 
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SNMP Configuration 

TheSN M P Configuration M enu allows you to configure the unit's read and 
write community strings, and to enable or disable authentication traps. This 
menu also allows you to specify which of your network management stations 
will receive traps from the. 

Thesoption in the Configuration M enu displays the SN M P (Simple Network 
M anagement Protocol) Configuration M enu, as shown in 
Figure 3-8. 

For further details on using SN M P and RM ON for remote management of 
your network, see Chapter 4, "Advanced M anagement." 

▲ Important! Besureto changetheSN M P community 
strings in order to prevent unauthorized access to manage- 
ment information. 



IntraCore 6524 SNMP Configuration Menu 


SNMP Read Community: 
SNMP Write Community: 
Trap Authentication: 


public 

private 

Enabled 


SNMP Trap Receivers: 
IP Address 

1. 192.168.54.150 

2. 192.168.54.110 

3. <EMPTY> 

4. <EMPTY> 


Community 

private 

Sarah 

<EMPTY> 

<EMPTY> 


<Cmd> <Description> 

r Set SNMP Read Community 

w Set SNMP Write Communtiy 

t Toggle Trap Authentication Enable/Disable 

a Add/Update SNMP Trap Receiver 

d Delete SNMP Trap Receiver 

q Return to Previous Menu 


Command> 





Figure 3-8 SN M P Configuration M enu 
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Current Settings 

Table 3-6 describes each setting on theSN M P Configuration M enu. 





SN M P Read Commu- 
nity 


The string that defines access rights for reading SN M P data 
objects. The default is public. 


SNMP Write Commu- 
nity 


The string that defines access rights for writing SN M P data 
objects. T he default is private. 


Trap Authentication 


The status of theSN M P agent for authentication trap generation. 
The default is disabled. 


SN M P Trap Receivers 


The IP addresses of the network management stations that can 
receive traps from the IntraC ore 6524. Normally, these addresses 
are the same as your network management software systems' 1 P 
addresses. 

▲ Important! A maximum of four trap recovers 
is allowed. 



Table 3-6 SNMP Settings 



Changing Community Strings 

To change the I ntraC ore 6524 community strings, use the following procedure: 

1 Open theSN M P Configuration M enu by typing n in the 
Configuration M enu. 

2 To change the read community string, type r. To change the 
write community string, typew. 

3 At the prompt, type a new community string. 

For a description of read and write community strings, see 
Table 3-6. 

To cancel a selected option, press ctrl-c at the command 
prompt. 

4 Press Return. The new string takes effect. 

5 Type q to quit and return to the Configuration Menu. 
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Enabling Authentication Traps 

T he I ntraC ore 6524 can be set to generate authentication traps. Authentication 
traps are messages sent across the network to an SN M P network management 
station. They alert you when someone attempts to read or change data without 
the proper community string. 

To set the I ntraC ore 6524 to generate traps, use thefollowing procedure: 

1 Open theSN M P Configuration M enu by typing n in the 
Configuration M enu. 

2 To toggletrap authentication to Enabled, type a. 

To cancel the change, press ctrl-c at the command prompt. 

3 Press Return. The new setting takes effect. 

4 Type q to quit and return to the Configuration M enu. 

Adding or Updating a Trap Receiver 

Trap receivers are network management stations designated to receive traps 
from the lntraCore6524. 

▲ Important! The maximum number of trap receivers that 
can beset is four. 

To add or update a trap receiver entry, use the following procedure: 

1 Open theSN M P Configuration M enu by typing n in the 
Configuration M enu. 

2 Type a to Add a Trap Receiver. An IP prompt appears. 

3 Type the new or updated IP address of the network manage- 
ment station you want to receive traps, then press Return. 

To cancel an entry, press ctrl-c at the command prompt. 

4 Typethetrap receiver'scommunitystringatthepromptfor 
it, then press Return again. 

The trap receiver entry is added or updated. Type q to 
return to the Configuration M enu. 
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Deleting a Trap Receiver 

Use the following procedure to deleteatrap receiver you have previously 
designated: 

1 Open theSN M P Configuration M enu by typing n in the 
Configuration M enu. 

2 Type d to D elete a Trap Receiver. A prompt for the entry 
of the trap receiver appears. 

3 Enter the number of the entry you want to delete (1,2,3, or 
4) and press Return. 

The trap receiver is deleted from theSN M P Trap Receivers list. 
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Port Configuration 

The Port Configuration M enu allows you to manually configure each port of 
the IntraC ore 6524 for port speed, duplex, and auto-negotiation. It also 
provides an overview of the entire IntraC ore 6524 system's port operating 
status. 

To access the Port Configuration M enu, typep in the Configuration M enu. A 
screen similar to Figure 3-9 appears. 



IntraCore 6524 Basic Port Configuration Menu Module: [1] Port: [01] 

Operating Status: + + — 

Auto Negotiation: ******** *_****** ******** — 
Speed/Duplex: hhhhhhhH hhhhhhHH hhhhhhhh GG 

Port Status: Enabled Link Status: Up (RJ45-TX) 

Auto-Neg: Enabled[ABCD] Link Speed: 100 Mbps (Half Duplex) 



<Cmd> <Description> 

h Help for legends 

t Toggle Port Status Enable/Disable 

u Toggle Auto-Negotiation/Manual 

1 Toggle 10M/100M bps Link Speed 

d Toggle Half/Full Duplex 

o Modify Auto-Negotiation Advertisement 

r Restart Auto-Negotiation 

a Advanced Port Configuration 

g Global Port Configuration 

q Return to Previous Menu 



Command> 

Select port Next port Prev port 



Figure 3-9 Port Configuration M enu 
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Viewing Legends for Configuration Settings 

To see legends explaining the symbols used for both the Basic and Global 
Port Configuration M enu settings, typeh. A screen appears, as shown in 



Figure 3-10. 


Legends for port status: 


Legends for port speed & duplex: 


X - Absent 


f - 10 Mbps & full duplex 


- - Link down 


F - 100 Mbps & full duplex 


D - Disabled by Mgmt Action 


h - 10 Mbps & half duplex 


d - Disabled by Security Violation 


H - 100 Mbps & half duplex 


B - Blocking 


G - 1 Gbps & full duplex 


S - Listening 




R - Learning 


Legends for port priority: 


+ - Forwarding 


(The range is from 0 to 7) 


M - Mirror Port 


0 - priority 0 (lowest) 


Legends for Enable/Disable State: 


1 - priority 1 


- - Disabled 


2 - priority 2 


* - Enabled 


3 - priority 3 




4 - priority 4 


Legends for Auto-Negotiation Advertisement 


: 5 - priority 5 




6 - priority 6 


A - 100Base-TX full duplex mode 


7 - priority 7 (highest) 


B - 100Base-TX half duplex mode 




C - lOBase-T full duplex mode 




D - lOBase-T half duplex mode 




Press any key to continue... 





Figure 3-10 Legends for all Port Configuration Menus 
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Current Port Settings 

Thecurrent moduleand port for which statistics are displayed isshown in the 
top right corner of the Port Configuration M enu. Table 3-7 describes each 
setting on the Port Configuration M enu. 



Setting 


Description 


Module Number 


T he number of the module of which the selected port is a mem- 
ber. (Always module 1) 


Port Number 


T he number of the port for which parameters are shown. 


Operating Status 


This field displays status symbols for each of the current module's 
ports. For details, see the legend in Figure 3-10. 


Auto Negotiation 


This field displays disabled/enabled symbols for each of thecur- 
rent ports. For details, see the legend in Figure 3-10. 


Link Speed/Duplex 


This field displays speed/duplex setting symbols for each of the 
current ports. For details, see the legend in Figure 3-10. 


Port Status 


Tells whether the selected port is enabled or disabled. 


Link Status 


Tells whether the selected port's link is up or down. 'Up' indicates 
a network device is connected to the port. 'Down' indicates that 
either a device isn't connected or that the device is powered down. 
The port'slink speed and duplex mode are in parentheses 


Auto- N eg 


Tells whether auto-negotiation is enabled or disabled for the 
selected port, and for which modes, A, B, C, or D . For details, see 
the legend in Figure 3-10. 


Link Speed 


Tells the speed and duplex mode of the port's current link. 



Table 3-7 Port Configuration Menu settings 
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Enabling or Disabling a Port 

The enabling or disabling of a port is a manual operation that can be used to 
isolate a network device that might be causing problems on the network, or to 
prevent unauthorized use of a port or station. 

To enableor disablea port, use the following procedure: 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 To select the port you want to enableor disable, types, n, or 
p in the Basic Port Configuration M enu. 

3 Totoggletheport'sconnection to either enabled or disabled 
status, typet. 

The port's status is changed immediately, and it is reflected in the Port 
Configuration M enu's Port Status indication and the 0 perating Statussymbol 
for the port. 

Configuring Auto-Negotiation 

Auto-negotiation is a feature of the Fast Ethernet standard that enables two 
devices on a common segment to communicate their transmission speed 
capabilities. Thisfeature allows the devices to determineand use their highest 
common speed and best communication parameters. 

▲ Important! By default, all of the ports are set to Auto 
Negotiation. 

To enable auto-negotiation, or return to manual-setting mode, use the 
following procedure: 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 To select the port for which you want to set the auto-negoti- 
ation mode, in the Basic Port Configuration M enu, types, 
n, or p. 

3 Totoggletheport'sauto-negotiation modeto Enabled or to 
return it to M anual, typeu. 

TheAuto Negotiation statuschangesimmediately, and isdisplayed on theAuto 
Negotiation line near the top of the Port Configuration M enu. 

▲ Important! If you change the port's status from M anual 
to Enabled you must type r to restart auto-negotiation. 
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Configuring a Port Manually 

If you have changed the Auto Negotiation status of a port to M anual, as 
described in the previous section, you can togglethe link speed from 10M bpsto 
100M bps and back, and toggle the port from half to full duplex and back. 

Toggling Port Link Speed 

U se the fol I owi ng proced u re to toggl e th e port's I i n k speed : 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 To select the port for which you want to set the link speed, 
in the Basic Port Configuration M enu, types, n, or p. 

3 To toggle the port's link speed, typel. 

Thelink speed ischanged immediately, and the change is reflected in the Link 
Speed line near the top of the Port Configuration Menu. 

Toggling Half to Full Duplex 

H alf duplex mode allows transmission in two directions on the same channel, 
but only in one direction atatime. Full duplex modeallows transmission in 
two directions on the same channel at the same time. 

▲ Important! To use full duplex mode, the device to which 
the port is connected must support and be configured for 
duplex mode. 

Usethefollowing procedureto changetheduplexmodesettingfor a port that is 
in M anual status: 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 To select the port for which you want to set the duplex 
mode, in the Basic Port Configuration M enu, types, n, 
or p. 

3 To toggle the port's duplex mode, typed. 

The duplex mode is changed immediately, and the change is reflected in the 
Link Speed/Duplex line near the top of the Port Configuration M enu. 
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Configuring 1000BaseX Ports 

Because lOOOBaseX ports are always in full duplex mode, the only 
configuration option for lOOOBaseX ports is enabling and disabling the port. 

Enabling or Disabling a Port 

Enabling or disabling a port is a manual operation. You can enable or disable a 
port to isolate network devices that may be causing problems on the network or 
to prevent unauthorized use of a port or station. 

To enableor disablea port, use the following procedure: 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 In the Basic Port Configuration M enu, uses, n, or p to 
select the port you want to enable or disable. 

3 Typettotoggletheport'sconnection to either enabled or 
disabled status, as desired. 

The port's status is changed immediately, and it is reflected in the Port 
Configuration M enu's Port Status indication and the Operating Status symbol 
for the port. 
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Advanced Port Configuration 

TheAdvanced Port Configuration M enu allows you to control the port 
broadcast and multicast rate, to enableor disable 802. 3x flow control, and to 
set the default priority of the port. 

To access the Advanced Port Configuration Menu, from the Port Configuration 
M enu, type a. TheAdvanced Port Configuration M enu 
appears, as shown in Figure 3-11. 



IntraCore 6524 Advanced Port Config Menu Module: [1] Port: [01] 



Operating Status: + — 

Flow Ctrl: 

Class of Service: _******* ******** ******** ** 

Priority: 00000000 00000000 00000000 00 

Flow Control: Disabled 
IEEE 802. lp Traffic Class Of Service: Disabled 
Port Default Priority: 0 

<Cmd> <Description> 

h Help for legends 

f Toggle 802. 3x Flow Control Enable/Disable 

c Toggle Traffic Class Of Service (COS) Enable/Disable 

i Set Port Default Priority 

q Return to Previous Menu 

Command> 

Select port Next port Prev port 



Figure 3-11 Advanced Port Configuration Menu 

Thefollowing subsections explain the configuration optionsin theAdvanced 
Port Configuration M enu. 
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Current Settings 

The settings shown in thetop portion of the Advanced Port Configuration 
M enu are described in Table 3-8. 





Module Number 


T he number of the module of which the selected port is a mem- 
ber. (Always module 1) 


Operating Status 


T his field displays status symbols for each of the current module's 
ports. For details, see the legend in Figure 3-10. 


Flow Control 


The status of flow control for the current port.When enabled, it 
allows you to control traffic and avoid congestion, such as when 
the port is receiving too much traffic for the available buffer 
resources. 


Class of Service 


T he status of the class of service for the current port. 


Priority 


The priority ranking for the port regarding data transmission dur- 
ing periods of peak or heavy on the traffic. Ports with higher prior- 
ity take precedence when there is traffic congestion. 



Table 3-8 Advanced Port Configuration Menu settings 



Enabling or Disabling 802. 3x Flow Control 

Use the following procedure to control traffic and avoid congestion, such as 
when there is a shortage of buffer resources for the port. Flow control is 
accomplished by means of standard PAUSE control frames for each port, 
independent of all others. Before you can enable flow control for a port, that 
port must be configured to operate in Full Duplex mode. 

If you enableflow control on a port, and that port runs short of buffer 
resources, the port will transmit PAU SE frames. When it receives them, the link 
partner obeys these PAUSE frames. When the low-resource situation is relieved, 
the port sends out PAUSE frames with zero time values. This ends the pause 
state that was imposed on the end-station. 

To enableflow control, take the foil owing steps. 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 In the Basic Port Configuration M enu, type a to open the 
Advanced Port Configuration M enu. 



Page 3-27 



Configuration 



3 To select the port for which you want to enable or disable 
flow control, types, n, or p. 

4 To toggle flow control for the selected port, type f. 

In theAdvanced Port Configuration M enu, the Flow Control symbol for the 
selected port reflects its change in state, as does the802.3x Flow Control 
setting. 

▲ Important! When using this method of flow control, 
the link partner must be configured to recognize PAUSE 
frames. 

Setting Port Class of Service 

To set a port's class of service, take the following steps. 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 In the Basic Port Configuration M enu, type a to open the 
Advanced Port Configuration M enu. 

3 To select the port for which you want to enable or disable 
flow control, types, n, or p. 

4 To toggle flow control for the selected port, type c. 

In theAdvanced Port Configuration Menu, the Class of Service symbol for the 
selected port reflects its change in state. 

Setting Port Default Priority 

This priority setting determines the order in which the port forwards packets. 
Each port is associated with a traffic class: zero (0) isthe lowest, and the default 
priority level. Seven (7) isthe highest priority level. Usethefollowing procedure 
to set the priority for a port: 

1 Access the Port Configuration M enu by typing p in the 
Configuration M enu. 

2 In the Basic Port Configuration M enu, type a to open the 
Advanced Port Configuration M enu. 

3 U se s, n, or p to select the port for which you want to set 
the default priority. 
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4 Type i to set the priority for the selected port. 

5 Enter the priority, from 0 to 7, and press Return. 

The new default priority is shown on the Advanced Port Configuration M enu. 

Global Port Configuration 

TheGlobal Port Configuration Menu allows you to simultaneously change the 
configuration information for all ports in a module. 

To change the port configuration for all ports in a module, use the following 
procedure: 

1 From the Configuration Menu, type p to access the Port 
Configuration M enu. 

2 From the Basic Port Configuration M enu, type g. The 
Global Port Configuration M enu appears, as shown in 
Figure 3-12. 



IntraCore 6524 Global Port Configuration Menu Module: [1] Port: [01] 



Operating Status: 
Auto Negotiation: 
Speed/Duplex : 
Flow Ctrl: 
Class of Service: 
Priority : 



******** 
Hhhhhhhh 



******** 

hhhhhhhh 



_******* 
00000000 



******** 
00000000 



******** 
hhhhhhhh 



******** 
00000000 



** 

hh 



** 
00 



<Cmd> <Description> 

h Help for legends 

t Select Global Ports Status Enable/Disable 

u Select Global Auto-Negotiation/Manual 

1 Select Global 10M/100M bps Link Speed 

d Select Global Half/Full Duplex 

0 Modify Global Auto-Negotiation Advertisement 

f Toggle Global 802. 3x Flow Control Enable /Disable 

1 Set Global Port Devault Priority 
q Return to Previous Menu 



Command> 



Figure 3-12 Global Port Configuration M enu 

Follow the procedures in the following sections: "Port Configuration" on 
page 3-20 and "Advanced Port Configuration" on page 3-26. 
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Unicast Forwarding Database Configuration 

TheUnicast Forwarding Database Configu ration M enu allows you to view and 
search for addresses in theM AC Forwarding Table for the I ntraC ore 6524. It 
also provides optionsfor displaying MAC addresses and I P/M AC binding by 
individual port or by VLAN . 

T he M AC Forwardi ng Table is a table of node addresses that the I ntraC ore 
6524 automatically builds by "learning." It performs this task by monitoring 
the packets that pass through thelntraCore6524, checking the source and 
destination addresses, and then recording thesourceaddressinformation in the 
table. 

ThelntraCore6524 uses the information in thistableto decide whether a 
frame should be forwarded to a particular destination port or "flooded" to all 
ports other than the received port. Each entry consists of three parts: the M AC 
address of the device, the port number on which it was received, and the VLAN 
number. 

♦ Note: TheM AC address table can hold amaximum of 
8,192 entries. 

When you typed in the Configuration M enu, the U nicast Forwarding 
Database Configuration Menu appears, as shown in Figure 3-13. 



IntraCore 6524 Unicast Forwarding Database Configuration Menu 


Age-out Time: 300 sec. 


MAC Address Count: 33 


IP Address 


Count: 21 


<Cmd> 


<Description> 


a 


Display All Forwarding Database With/Without IP 


P 


Display Forwarding Database By Port With/Without IP 


V 


Display Forwarding Database by VLAN With/Without IP 


m 


Search for MAC Address 


i 


Search for IP Address 


t 


Set Age-Out Time 


q 


Return to Previous Menu 


Command> 





Figure 3-13 Unicast Forwarding Database Configuration Menu 
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Current Settings 

Table 3-9 explainseach setting on the Forwarding Database Configuration 
M enu. 





Age-out Time 


Thenumber of seconds that addresses are retained in the table. 
The default is 300 seconds The range is from 10 to 1,000,000. 


MAC Address Count 


Thenumber of entries currently in theMAC AddressTable. 


IP Address Count 


Thenumber of entriesin theMAC AddressTable that contain a 
corresponding 1 P address. 



Table 3-9 Forwarding Database Configuration Menu settings 



Displaying the Forwarding Database 

Use the following procedure to view the Unicast Forwarding Database table. 

1 Open the Unicast Forwarding Database Configuration 
Menu bytypingd in the Configuration Menu. 

2 Type either a, p, or v, depending on the range of M AC 
addresses you want to view. 

Typeato display the MAC addresses learned on all ports on 
thelntraCore6524. 

Type p to specify a port, then see the MAC addresses for 
that port only. 

Type v to specify a V LAN , then see the M AC addresses for 
the member ports of that V LAN only. 

3 At the prompt which appears, typey to see IP addresses in 
the display or type n to seethedisplay without IP addresses, 
then press Return. The selected display appears. 

Figure 3-14 shows an example of the U nicast Forwarding D atabase table for all 
ports, without the IP displayed. 
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TheType field refers to the type of M AC address. TheType setting may be: 

□ S— static (set by management, and will not age out) 

□ D — dynamic (learned by the switch; will be aged out) 

□ M — multiple (associated with multiple IP addresses, as in the case 
of a router) 

□ I - Self (the M AC address of the I ntraC ore 6524) 



Entry Type : ( D = Dynamic , S = Static , I = Self ) 

+ + + + + + 

I Module I Port I Type I MAC Address I VLAN ID | 



1 


2 


S 


00 


00 


94 


75 


2A:21 


0001 


1 


6 


D 


00 


00 


94 


9A 


BF:54 


0001 


1 


6 


D 


00 


00 


94 


B4 


66:48 


0001 


1 


6 


D 


00 


00 


94 


B4 


7A:8D 


0001 


1 


6 


D 


00 


00 


94 


B5 


1B:B1 


0001 






I 


00 


00 


94 


DD 


75:01 


0001 


1 


11 


D 


00 


10 


4B 


36 


91: AC 


0001 



End of Summary, Quit 



Figure 3-14 U n i cast Forwarding Database, all ports, without IP displayed 

Searching for a MAC Address 

T he Unicast Forwarding Database can be searched byMAC address or bylP 
address. To search for a specific M AC or IP address, usethefollowing 
procedure: 

1 Access the Unicast Forwarding Database Configuration 
Menu bytypingd in the Configuration Menu. 

2 Type m to search for a M AC address 
Type i to search for an I P address. 

3 Type the MAC or I P address at the prompt. 

4 Press Return. 

If the address is located, it is displayed, with its associated information, as 
shown in Figure 3-15. If the address is not located, a message appears, stating 
this 
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The MAC Address Search Suitrnary 



Port: 
Type: 

MAC Address: 
VLAN ID: 
IP Address: 



6 



Dynamic 



00:00:94:11:12:13 

0002 

192.168.54.111 



press any key to continue... 



Figure 3-15 M AC Address Search summary 



TheSearch Summary screen tells the location of theMAC orIP address, the 
module, port, and thedomain name. Configuration information, such as the 
type, age, and priority are also displayed. 

Setting the MAC Address Age-Out Time 

Thisoption sets the Age-Out Time for the MAC Forwarding Table. 

The Age-Out Time is the number of seconds that addresses remain in the table 
after being learned by the I ntraC ore 6524. The default is 300 seconds 

Use the following procedure to set theMAC address Age-Out Time. 

1 Access the Unicast Forwarding Database Configuration 
Menu bytypingd in the Configuration Menu. 

2 Type t to set the MAC Address Age-Out Time. 

3 Enter the new Age-Out time (in seconds) at the prompt. 

4 Press Return. 

TheMAC Address Age-Out Time is changed and isdisplayed atthetop of the 
Unicast Forwarding Database Configuration M enu. 
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Port Mirroring 

Port mirroring allows you to configure the I ntraC ore 6524 to copy all traffic 
associated with one port (theM onitor Port) to aM irror Port on the switch. You 
can connect the M irror Port to a network analyzer or RM 0 N probe for packet 
analysis. You can configure theM onitor Port to send either transmitted or 
received traffic to the M irror Port. 

In the IntraC ore 6524, port 13 isalwaystheM irror Port. You can specify any 
other port to be a M onitor Port, except ports 25 and 26, the two Gigabit ports 
in the switch. 

To configure port mirroring in the IntraC ore 6524, typem in the 
Configuration M enu. A screen similar to Figure 3-16 appears. 



IntraCore 6524 Port Mirroring Configuration Menu Module: [1] 


System Port Mirroring Status: [Enabled] 


Mirror Port: [13] 


Monitor Port: [08] 


Port Traffic Monitor Type: [Port Receive Data] 


<Cmd> 


<Description> 


s 


Set Monitor Port 


t 


Toggle System Port Mirroring Enable/Disable 


e 


Toggle Port Monitor Type Receive/Transmit Data 


q 


Return to previous menu 


Coirmand> 





Figure 3-16 Port M irroring Configuration M enu 
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Current Options 

Table 3-10 describes the settings shown in thePort M irroring Configuration 
M enu. 





System Port M irroring 
Status 


1 ndicates the current status of port mirroring for the switch. If 
port mirroring is enabled, traffic from the M onitor Port will be 
copied to the M irror Port. 


M irror Port 


The port that mirrors the traffic from the M onitor Port. For the 
IntraC ore 6524, this is always port 13. 


Monitor Port 


The port being monitored. 


Port Traffic Monitor 
Type 


The type of traffic from the M onitor Port that iscopied to the 
M irror Port. Port Receive D ata indicates monitoring of the traffic 
received by the M onitor Port. Port Send Data indicates monitor- 
ing of the traffic sent by the M onitor Port. 



Table 3-1 0 Port Mirroring Configuration settings 



Enabling or Disabling System Port Mirroring 

To enableor disableport mirroring, use thefollowing procedure: 

1 Typem in the Configuration menu to display the Port M ir- 
roring Configuration menu. 

2 Type t to toggle System Port M irroring. 

The change is reflected immediately in the settings shown at 
the top of the Port M irroring Configuration menu. Note 
that if System Port M irroring is Enabled, then theM irror 
Port setting shows Port 13 as M irror Port. 
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Specifying Port Traffic Monitor Type 

To specify whether to monitor port receive traffic or port send traffic, System 
Port M irroring must be enabled. After enabling port mirroring, use the 
following procedure to specify the Port Traffic M onitorType: 

1 Typem in the Configuration menu to display the Port M ir- 
roring Configuration menu. 

2 Type e to toggle System Port M irroring. 

The change is reflected immediately in the settings shown 
at the top of the Port M irroring Configuration menu. 

Setting the Monitor Port 

To specify which port to monitor, use the following procedure: 

1 Typem in the Configuration menu to display the Port M ir- 
roring Configuration menu. 

2 Type sand then follow the instructions to select theM oni- 
tor port. 

The change is reflected immediately in the settings shown 
at the top of the Port M irroring Configuration menu. 



Page 3-36 



Image File Downloading Configuration 



Image File Downloading Configuration 

ThelmageFileDownloading Configuration M enu allows you to upgradeyour 
I ntraC ore 6524 system easily, using either TFT P orX/Y/Z modem protocol. 

Typef in the Configuration Menu to seethelmageFileDownloading 
Configuration Menu, as shown in Figure 3-17. 



IntraCore 6524 


File Downloading Configuration Menu 


<Cmd> 


<Description> 


t 


TFTP File Downloading Configuration 


X 


X/Y/ZMODEM Image File Downloading Configuration 


q 


Return to Previous Menu 


Command> 





Figure 3-17 I mage File Downloading Configuration M enu 

From the Image File D ownloading Configuration Menu, select the 
downloading protocol. Type t to download the imagefileviaTFTP ortypexto 
download using theX/Y/Z modem protocol. The two subsections that follow 
describe downloading by each of the two protocols. 

When Asante issues a new version of software for the IntraCore 6524, you can 
obtain it from theAsanteWorld Wide Web site or by contacting Asante 
Technical Support (see Appendix A, "Technical Support," for details). 
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Image Downloading Through TFTP 

To download anew image file in-band through TFTP, typetin the I mage File 
Downloading Configuration M enu (option g in the Configuration M enu). A 
screen similar to Figure 3-18 appears. 



IntraCore 6524 TFTP File Downloading Menu 


Bank 1 Image Version/Date l.OOE/Aug 23 2000 19:04:37 


Bank 2 Image Version/Date 1. OOF /Aug 24 2000 14:09:25 (Running) 


File Type: 


Image 


Server IP: 


192.168.52.211 


File Name: 


ic6kl00f .ima 


Retry Count 


: 5 


Destination 


Bank : 1 


<Cmd> 


<Description> 


s 


Set Server IP Address 


f 


Set File Name 


d 


Download Image File to Destination Bank 


b 


Download and Reboot from the Image File 


r 


Set Retry count 


a 


Toggle Destination Bank 


q 


Return to Previous Menu 


Command> 





Figure 3-18 T FT P I mage File D ownloading M enu 
Current Settings 

Table 3-11 describes each setting on theTFTP I mage Downloading M enu. 



Setting 


Description 


Bank 1 Image Version/ 
Date 


The version number and compilation dateof runtime code that is 
stored in memory bank 1 on the IntraCore 6524. 


Bank 2 Image Version/ 
Date 


The version number and compilation dateof runtime code that is 
stored in memory bank 2 on the IntraCore 6524. The runtime 
code is currently running on this bank. 


Server 1 P 


1 P address of network server containing software image file. 


File Name 


The software image file's name and network path. 


Retry Count 


Number of attempts the switch will make to download image file. 


Destination Bank 


N umber of the memory bank where the i mage fi 1 e wi 1 1 download. 



Table 3-1 1 TFTP Image Download Menu settings 
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Performing a Software Upgrade at Runtime 

The software image file must be downloaded from a server on your network 
that is running aTFTP server application. 

▲ Important! M ake sure the I ntraC ore 6524 is configured 
with an IP address. For details, see "Changing System IP 
Information" earlier in this chapter. 

To upgrade the I ntraC ore 6524 software vi aTFTP, use the following procedure: 

1 AccesstheTFTP I mage File D ownloading Configuration 
Menu bytypingtin the Image File D ownloading Configu- 
ration M enu. 

2 Type s to set the i mage server I P address 

3 Attheprompt, enter the I P address of the server containing 
the imagefile, then pressReturn. 

4 Typef to set the imagefile name. 

5 Attheprompt, entertheimagefile'snameand path, then 
pressReturn. 

6 Type r to set the retry count. 

7 Attheprompt, enter the number of attempts the I ntraC ore 
6524 will make to download the imagefile, then press 
Return. 

8 Select the Destination ImageBank by using thea option. In 
atypical situation, you will want to select the Bank on 
which the software is not currently running, as shown in 
Figure 3-18. 

9 To download the imagefile to the destination bank, typed. 
This option allows you to change the boot bank at a later 
timeorto usetheSystem Reset Configuration to schedulea 
reset, at which timethenew software will be run. 

OR 

To download the image file and reset theswitch, typeb. 
Thisoption immediately boots thelntraCore6524 with the 
new version of software. 

1 0 Type q to return to the I mage File Downloading M enu. 
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Serial Downloading Configuration 

TheX/Y/Z M odem I mage File Downloading M enu lets you download anew 
software image file for the I ntraC ore 6524 without interrupting the current 
operation. 

To download anew image through the IntraC ore 6524 management module's 
serial (console) port, typex in the Image File D ownloading Configuration 
Menu.TheX/Y/Z Modem I mage File D ownloading M enu appears, as shown 
in Figure 3-19. 



IntraCore 


6524 X/Y/ZMODEM Image File Downloading Menu 


Bank 1 Image Version/Date l.OOE/Aug 23 2000 19:04:37 


Bank 2 Image Version/Date 1. OOF /Aug 24 2000 14:09:25 (Running) 


Download 


Protocol : ZMODEM 


Current Baud Rate: 9600 bps 


Destination Bank: 1 


<Cmd> 


<Description> 


X 


Set download protocol to XMODEM 


y 


Set download protocol to YMODEM 


z 


Set download protocol to ZMODEM 


c 


Change Baud Rate Setting 


d 


Download File to Destination Bank 


b 


Download and Reboot from the Image File 


a 


Toggle Destination Bank 


q 


Return to Previous Menu 


Command> 





Figure 3-19 X/Y/Z M odem I mage File Downloading M enu 



Page 3-40 



Image File Downloading Configuration 



Current Settings 

Table 3-12 describes the settings shown intheX/Y/Z M odem I mage File 
Downloading M enu. 





Bank 1 Image Version/ 
Date 


The version number and compilation date of runtime code that is 
stored in memory Bank 1 on the IntraC ore 6524. 


Bank 2 Image Version/ 
Date 


The version number and compilation dateof runtime code that is 
stored in memory Bank 2 on thelntraCore6524.The(Running) 
designation indicates that the runtime code is currently running 
on this Bank. 


Download Protocol 


Current setting of the IntraC ore 6524's serial download protocol. 


Current Baud Rate 


Transmission rate for the IntraC ore 6524's serial port. 


Destination Bank 


N umber of the memory bank where the imagefile will down load. 



Table 3-12 X/Y/Z Modem Image File Downloading settings 
Performing a Software Upgrade 

Use the following procedure to upgrade the IntraC ore 6524 software through 
its serial (console) port. 

1 In thelmageFileDownload Configuration M enu, typexto 
open theX/Y/Z M odem I mage File Downloading M enu. 

2 Typex, y, orzto select the corresponding modem protocol. 

♦ Note: For information about these protocols, seethe 
manual for your communications software. 

3 Type c to select the con sole baud rate. The Baud Rate Set- 
ting M enu appears, as shown in Figure 3-20. The maximum 
baud rate currently supported is 57,600 bps. 
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Current Baud Rate: 9600 bps 

Please select one from the following baud rate settings, or 
press any other key to quit: 



WARNING: 


The user must use the same baud rate setting of the terminal 




after he/she confirms to change the baud rate setting of the 




console in order to work correctly. 


<Cmd> 


<Description> 


a 


Set Baud Rate to 1200 bps 


b 


Set Baud Rate to 2400 bps 


c 


Set Baud Rate to 4800 bps 


d 


Set Baud Rate to 9600 bps 


e 


Set Baud Rate to 19200 bps 


f 


Set Baud Rate to 38400 bps 


g 


Set Baud Rate to 57600 bps 


Choice> 




Figure 3-20 Baud Rate M enu 



4 Select one of the options in the above screen to select the 
required baud rate, and confirm it by typing y. 



♦ N ote: T he baud rate default for console management is 
9600 bps; in most cases the default will match therate 
for the connected terminal. If you change thebaud rate 
for the console port, thescreen will display garbled data 
unless the connected terminal is set to the same rate. 

5 TypeatoselecttheDestination Bank. 

6 To download the image file, useany serial communications 
software such asProcomm Plus, HyperTerminal, ZTerm, 
etc. For file transfer instructions, follow the instruction 
manual of the serial communications software. 

♦ Note: The terminal on which the serial communications 
software is running must have the same baud rate as the 
IntraCore 6524 management module console. The con- 
nection from the terminal to theswitch consoleport 
must bean RS232C straight-through cable. 

7 Typed to download to theselected destination bank or bto 
download and reset. 

8 Typeq to return to the previous menu after performing a 
successful download. 
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System Reset Configuration 

The System Reset Configuration M enu allows you to reset the IntraC ore 6524 
by performing a "warm" reboot. It also allows you to schedule a reset up to 24 
hours in advance. 

To reset the IntraC ore 6524, type r in the Configuration M enu. A screen 
similar to Figure 3-21 appears. 



IntraCore 6524 System Reset Configuration Menu 



Reset Status: 
Reset Type: 
Reset Countdown: 



Stop 
Normal 
1 sec. 



<Cmd> 
s 
c 



q 

Command> 



<Description> 
Schedule Reset Time 
Cancel Reset 
Reset Switch 

Reset Switch to Factory Default 

Reset Switch to Factory Default except IP and Bootstrap 
Return to Previous Menu 



Figure 3-21 System Reset Configuration Menu 

Current Options 

Table 3-13 describes the settings shown in theSystem Reset Configuration 
M enu. 



Option 




Schedule ResetTime 


Number of seconds until the scheduled reset. 


Cancel Reset 


Stops the scheduled reset. 


Reset Switch 


Performs a warm reboot to reset the IntraC ore 6524 immediately. 


Reset Switch to Factory 
Default 


Resets the 1 ntraC ore 6524 to the original factory settings. 


Reset Switch to Factory 
Default except IP & 
Bootstrap 


Resets the 1 ntraC ore 6524 to the original factory settings without 
modifying the 1 P and Bootstrap configuration. 



Table 3-13 System Reset Configuration options 
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Resetting the IntraCore 6524 

To reset the IntraCore 6524, usethefollowing procedure: 

1 Open theSystem Reset M enu by typing r in theConfigura- 
tion M enu. 

2 Type r, d or i . Typi ng r resets the I ntraC ore 6524. Typi ng r 
resets the to its current configuration. Typing d resets the 
IntraCore 6524 to the factory default. Typing i resets the 
IntraCore 6524 to the factory default without affecting its 
IP and Bootstrap configuration. 

3 Type y to confirm the reset or type n to cancel the reset. 

♦ Note: During thescheduled reset operation, you can see 
the reset countdown decrement by refreshing the screen. 

Scheduling a System Reset 

You can schedule the IntraCore 6524 to automatically perform a reset from one 
second up to 24 hours (86,400 seconds) in advance. 

To schedule a reset, usethefollowing procedure: 

1 Open theSystem Reset M enu by typing r in the Configura- 
tion M enu. 

2 Typesto schedule a reset time (within thespecified range). 

3 Enter the number of seconds the IntraCore 6524 will wait 
before it automatically resets. 

▲ Important! The maximum number of secondsthat 
can be entered is 86,400 (24 hours). 

4 Press Return. 

T he I ntraC ore 6524 wi II reset automatically after the number of seconds you 
specified. 
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Viewing the System Log 

T he I ntraC ore 6524 system log recordsand displays any major system events on 
theswitch, such as fatal errors, plugging in or removing a module, etc. 

To view the system log, use thefollowing procedure: 

1 Type I in the Configuration M enu. The System Log M enu 
appears, as shown in Figure 3-22. 



System Log Menu 

<Cmd> <Description> 

1 Display System Log 

c Clear System Log 

q Return to previous menu 



Command> 



Figure 3-22 System Log M enu 

2 Typed to display the current system log, as shown in 
Figure 3-23. 



IntraCore 6524 System Log Summary 



No. 


D 


H 


M 


S 


Event 


1. 


000 


00 


00 


00 


Reset NVDB sections to factory default 


2. 


000 


00 


00 


07 


Spanning Tree Task Disabled 


3. 


000 


00 


32 


53 


Spanning Tree Task Enabled 


4. 


000 


00 


33 


45 


Spanning Tree Task Disabled 


5. 


000 


00 


41 


11 


Spanning Tree Task Enabled 


6. 


000 


00 


00 


00 


Reset NVDB section 0 to factory default 


7. 


000 


00 


32 


51 


Spanning Tree Task Disabled 


8. 


000 


00 


33 


08 


Spanning Tree Task Enabled 


Quit Next Page 





Figure 3-23 System Log Summary 

The system log displays any major system events that have 
occurred on the IntraCore 6524. If no major events have 
occurred, "System up" messages are displayed. 

♦ Note: The system log holds a maximum of 64 entries. 

3 Press any key to display the next page of System Log infor- 
mation. 
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Clearing the System Log 

Use the following procedure to clear all entries from the current System Log. 

1 Open theSystem Log M enu by typing I in the Configura- 
tion M enu. 

2 Type c to clear the current System Log. 
New entries will begin to accrue as events occur. 

User Interface Configuration 

The User Interface Configuration M enu lets you set the idle time-out periods 
for both the console and telnet user interfaces, change the password used for 
logging in to the Local M anagement Interface, and enableordisabletheWeb 
server. 

To display the User Interface Configuration M enu, as shown in Figure 3-24, 
typeu in the Configuration M enu. 



IntraCore 6524 User Interface Configuration Menu 

Console UI Idle Time Out: 5 min 
Telnet UI Idle Time Out: 5 min 

HTTP Server Status: ENABLED 

Telnet Session Status: 



Session Status Source IP 

1 Active 192.168.54.240 

2 Inactive <none> 

3 Inactive <none> 

4 Inactive <none> 

<Cmnd> <Description> 

c Set Console UI Time Out 

t Set Telnet UI Time Out 

p Change Administrator Password 

o TOggle to Enable/Disable HTTP Server 

q Return to previous menu 



Command> 



Figure 3-24 User Interface Configuration Menu 
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Current Settings 

Table 3-14 describes the settings in the User Interface Configuration M enu. 





ConsoleU 1 IdleTime-out 


Duration of time the console will remain idle before returning to 
the M ain M enu. 


Telnet U 1 IdleTime-out 


Duration of time the console will remain idle before closing the 
Telnet connection. 


HTTP Server Status 


Enabled or Disabled. 


Telnet Session Status 


Inactive or Active, depending on whether session is in progress. 


Telnet Session Source IP 


The IP address of the device bang used for tel net management. 



Table 3-14 Ul Time-out Settings 



Setting Console IdleTime-out Period 

Use the following procedure to set the console idle time-out. 

1 Typec in theUser Interface Configuration Menu. 
A prompt for the number of minutes is displayed. 

2 Enter the desired idle time-out in minutes. 

♦ Note: The default time-out is 5 minutes. Range for 
time-out is 0-60 minutes (0 indicates no time-out). 

To exit without making any changes, press ctrl-c. 

3 Press Return. 

Thenew ConsolelU IdleTime 0 ut is reflected in the User Interface 
Configuration M enu. 
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Setting Telnet Idle Time-out Period 

Use the following procedure to change theTelnetTime-out. 

1 Typetin the User Interface Configuration Menu. 
A prompt for the number of minutes is displayed. 

2 Enter the desired idle time-out in minutes. 

♦ Note: The default time-out is 5 minutes. Range for 
time-out is 1-60. 

To exit without changes, press ctrl-c. 

3 Press Return. 

T he new Tel net U I IdleTime Out is reflected in the User Interface 
Configuration M enu. 

After you have configured the desired time-outs, type q to return to the 
previous menu. 

Changing the Password 

Use this option to change the password that the user must enter when they log 
in to the Local M anagement Interface or the Web server interface. 

▲ Important! Thefactory default password is Asante. The 

password is case-sensitive. 

To change the current Local M anagement Interface or Web-based Interface 
password, usethefollowing procedure: 

1 Typep in the User Interface Configuration M enu. 

2 Type the password you have been using at the prompt. 

3 Type a new password at the "Enter Current Password" 
prompt. 

▲ Important! The password is case-sensitive. The pass- 
word can be up to a maximum of 20 characters in 
length. The password characters can be any ASCI I code. 

4 Press Return. 



Page 3-48 



User Interface Configuration 



5 Typethenew password again at the confirmation password 
prompt. 

To cancel the change in password, type ctrl-c. 

6 Press Return. 

The password change takes effect. 

7 Typeqto return to the Configuration Menu. 

You will now need to enter thenew password each timeyou log in to the 
Configuration M enu. 

Enabling or Disabling the Web Server 

T he current HTTP Server Status is shown in the U ser I nterface C onfiguration. 

▲ Important! For security, the web server is disabled 
by default. 

U se the fol lowi ng procedure to toggle the status of the H TT P server: 
□ Typeo in the User I nterface Configuration M enu. 
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Viewing Statistics 

Viewing statistics on a regular basis allows you to evaluate your network's 
performance. You can view current statistics for the I ntraC ore 6524 on a per- 
port basis and can change your view of those statistics and the counters 
displayed in it. 

To view statistics use the following procedure: 

1 Types in the Local M an agem en t Interface M ain M enu.The 
Port Statistics Counters screen isdisplayed, as shown in 
Figure 3-25. 



IntraCore 6524 Port Statistics 


Counters Module 


: 1 Port: 1 


Elapsed Time Since Up 


002 


06:47:34 






<Counter Name><Total> <Avg./s> <Counter Name> 


<Total> 


<Avg./s> 


Total RX Pkts 


0 


0 


Total RX Bytes 


0 


0 


Good Broadcast 


0 


0 


Good Multicast 


0 


0 


Total TX Pkts 


0 


0 


Total TX Bytes 


0 


0 


TX Unicast 


0 


0 


TX Non-unicast 


0 


0 


Dropped Pkts 


0 


0 


Undersize Pkts 


0 


0 


Oversize Pkts 


0 


0 


CRCAlign Errors 


0 


0 


Fragments 


0 


0 


FCS Errors 


0 


0 


Collisions 


0 


0 


Late Events 


0 


0 


64-Byte Pkts 


0 


0 


65-127 Pkts 


0 


0 


128-255 Pkts 


0 


0 


256-511 Pkts 


0 


0 


512-1023 Pkts 


0 


0 


1024-1518 Pkts 


0 


0 


<Cmd> <Description> 


<Cmd> 


<Description> 


<Cmd> 


<Description> 


r since reset 


X 


next module 


n 


next port 


t stop refresh 


V 


prev module 


P 


prev port 


q quit 




m 


select module 


s 


select port 


Corrmand> 













Figure 3-25 Port Statistics Counters since system up 

2 Use the s command to select a port for which you want to 
see the counters, or use n and p to find the port. 

3 Typetto stop the periodic updating of thecounters, so you 
can record what they are at that time. 

4 Type r to see a display of the same counters, but accrued 
since the last reset of thecounters, as shown in 

Figure 3-26. 
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IntraCore 6524 


Port 


Statistics 


Counters Module 


: 1 Port: 1 


Elapsed Time Since Reset: 


000:00:00:55 






<Counter Name><Total> <Avg./s> <Counter Name> 


<Total> 


<Avg./s> 


Total RX Pkts 


0 


o 


-LLJUcL-L JT\A. Dy LCD 


0 


0 


Good Broadcast 


0 


0 


Good Multicast 


0 


0 


Total TX Pkts 


0 


0 


Total TX Bytes 


0 


0 


TX Unicast 


0 


0 


TX Non-unicast 


0 


0 


Dropped Pkts 


0 


0 


Undersize Pkts 


o 


o 


Oversize Pkts 


0 


0 


CRCAlign Errors 


0 


0 


Fragments 


0 


0 


FCS Errors 


0 


0 


Collisions 


0 


0 


Late Events 


0 


0 


64-Byte Pkts 


0 


0 


65-127 Pkts 


0 


0 


128-255 Pkts 


0 


0 


256-511 Pkts 


0 


0 


512-1023 Pkts 


0 


0 


1024-1518 Pkts 


0 


0 


<Cmd> <Description> 


<Cmd> 


<Description> 


<Cmd> 


<Description> 


r since reset 


X 


next module 


n 


next port 


t stop refresh 


V 


prev module 


P 


prev port 


q quit 




m 


select module 


s 


select port 


Command> 













Figure 3-26 Port Statistics Counters since reset 

5 Type r in the "since reset" screen to reset the statistics 
counters so you can see them accrue again from zero. 

6 Type q to quit either statistics screen and return to the Local 
M anagement I nterface M ain M enu. 

For definitions of the counters, see Appendix B, "M IB Statistics." 
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Thischapter describes thefollowing advanced topics for management of the 
lntraCore6524: 

□ Spanning Tree Protocol 

□ SN M P and RM ON M anagement 

□ Security M anagement 

□ VLAN M anagement 

□ M ulticast M anagement 

Spanning Tree Protocol 

The Spanning Tree Protocol (STP) isapartofthelEEE 802. ID standard that 
provides for redundancy in a bridged LAN by allowing multiple links between 
points in the LAN . 

Without the use of STP, multiple links in a bridged network will result in 
bridging loops, which allow excess broadcast traffic that can bring down an 
entire network. 

Overview 

The Spanning Tree Protocol reduces a network with multiple, redundant 
connections to one in which all points are connected (theprotocol spansthe 
network), but in which there is only one path between any two points (the 
paths are branched, as in a tree). 

For example, in alargenetwork with multiple paths, thesame message will be 
broadcast over the network through multiple paths, resulting in a great amount 
of extra network traffic, and possibly, network downtime. This "closed path" or 
"bridged loop" among the networks can also start an unending packet-passing 
process. 

▲ Important! To explain STP more effectively, the 

IntraCore 6524 is described as a bridge for this section of 
the manual. 
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How It Works 

All bridges on the network communicate with each other using special packets 
called Bridge Protocol DataUnits(BPDUs).Theinformation exchanged in the 
BPD U s enables bridges on the network to: 

□ Elect a single bridge to be the root bridge. 

□ Calculate the shortest path from each bridge to the root. 

□ Select a designated bridge on each segment, which lies closest to the 
root and forwards traffic to the root. 

□ Select a port on each bridge to forward traffic to the root. 

□ Select the ports on each bridge that forward traffic, and place the 
redundant ports in blocking state. 

Enabling and Disabling STP 

ThelntraCore6524 isshipped with spanning tree enabled on all ports by 
default. To enableor disableSTP on your lntraCore6524, use the following 
procedure: 

1 Typec to open the Configuration M enu. 

2 Open the Spanning Tree Configuration M enu by typing s 
in the Configuration M enu. See Figure 4-1. 

3 Type t to toggle STP to enabled or disabled. 

When you disableSTP, you are prompted to confirm the 
change. T he ST P status is changed. T he status is displayed 
near the top of theSpanningTreeConfiguration M enu. 
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Configuring Spanning Tree Parameters 

To view theSpanningTreeConfiguration M enu, as shown in Figure 4-1, types 
in the Configuration M enu. 



IntraCore 6524 Spanning Tree Configuration Menu 




STP Status: 


Enabled 




Bridge ID: 


8000 0000948EF37B 




Designated Root : 0001 O0503EA8B0O0 




Root Port: 


Port: 8 




Root Path Cost: 110 




Hello Time: 


2 Sec. Bridge Hello Time: 


2 Sec. 


Maximum Age 


: 20 Sec Bridge Maximum Age: 


20 Sec. 


Forward Delay: 15 Sec. Bridge Forward Delay: 


15 Sec. 


<Cmd> 


<Description> 




t 


Toggle STP Enable/Disable 




i 


Set Bridge Priority 




h 


Set Bridge Hello Time 




a 


Set Bridge Maximum Age 




d 


Set Bridge Forward Delay 




P 


Spanning Tree Port Configuration 




q 


Return to Previous Menu 




Command> 






Figure 4-1 SpanningTreeConfiguration Menu 



Spanning Tree Parameters 

Theoperation of thespanning tree algorithm isgoverned by several parameters. 
You should attempt to set these parameters only if you have experience with the 
802. ID specification. 

Bridge Priority 

Setting the Bridge Priority to a low value will make it more likely that the 
current bridge will become the root bridge. If the current bridge is located 
physically near the center of your network, you may wish to decrease the Bridge 
Priority from its default value of 0x8000. If thecurrent bridge is near the edge 
of your network, it is best to leave the value of the Bridge Priority at its default. 

Hello Time 

This is the time period between BPD Us transmitted by each bridge. 
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Maximum Age 

Each bridge should receive regular configuration BPDUsfrom the direction of 
theroot bridge. If the maximum age timer expires before the bridge receives 
another BPDU, it assumes that a change in the topology has occurred, and it 
begins recalculating the spanning tree. 

Forward Delay 

After a recalculation of the spanning tree, the Forward D elay parameter 
regulates the delay before each port begins transmitting traffic. If aport begins 
forwarding traffic too soon, the network can be adversely affected. T he 
permitted range of the Forward Delay is 4 to 30 seconds. 

♦ Note: TheH elloTime, M aximum Age, and Forward Delay 
are constrained by the following formula: 

(Hello Time + 1) <= Maximum Age <= 2 x (Forward Delay -1) 

In general, reducing the values of these timers will makethe 
spanning tree react faster when the topology changes, but 
may cause temporary loops as the tree stabilizes in a new 
configuration. Lengthening thetimers will makethe tree 
react more slowly to changesin configuration but will make 
an unintended reconfiguration less likely. All of the bridges 
in thetreemust agree on the values of these timers, so each 
bridge uses the ones advertised by the root. 

Port Priority 

If two ports are connected to the same segment, changing the Port Priority 
increases or decreases the probability that either port will be chosen for 
inclusion in thetree. 
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Current STP Settings 

Thefollowing settings are displayed in theSpanningTreeConfiguration M enu, 
as shown in Figure 4-1. 





bl r btatUS 


W hether spanning tree protocol is currently enabled or disabled. 


Diiage i u 


T he B ridge 1 den tifier of this bridge. T he fi rst part of the B ridge 1 D 
is the Bridge Priority. (If the Bridge ID isshown as 8000 
000094E E 5080, the 8000 is the Bridge Priority. T he remai nder is 
the MAC address of this bridge, which cannot be changed.). 


Designated Root 


T he Bridge 1 dentifier of the bridge that iscurrently the root bridge 
for the spanning tree. 


Root Port 


The port this bridge will use to forward traffic to the root. If this 
bridge is the root, the root port will beO. 


Root Path Cost 


The cost as calculated by the spanning tree for messages to reach 
the root. If this bridge is the root, the cost will beO. 


H ello Time 


The value of the timer currently being used by the bridge. 


M aximum Age 


The value of the maximum age timer currently bang used. 


Forward Delay 


The value of the forward delay timer currently bang used. 


Bridge H ello Time 


The value that will be used by the spanning tree if this bridge 
becomes the root bridge. 


Bridge M aximum Age 


Thevalue that will be used by the spanning tree if this bridge 
becomes the root bridge. 


Bridge Forward Delay 


The value that will be used by the spanning tree if this bridge 
becomes the root bridge. 



Table 4-1 Spanning Tree Configuration settings 
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Spanning Tree Port Configuration 

To set the Port Priority and Port Path Cost values for ST P, access the Spanning 
Tree Port Configuration M enu shown in Figure 4-2 by typing p in the 
Spanning Tree Configuration Menu. 



IntraCore 6524 Spanning Tree Port Conf ig . 


Menu Module: 


[1] Port: 


[01] 


Port Speed: 100 Mbps 

Port Status: Enabled 

Port State: Forwarding 

Port MAC Address : 00 : 00 : 93 : 8F :E3 : 7C 

Port Priority: 0x80 

Port Path Cost: 10 








<Cmd> <Description> 
i Set Port Priority 
c Set Port Path Cost 
q Return to Previous Menu 








Conmand> 








Select module Next module Prev module 


Select port 


Next port 


Prev port 



Figure 4-2 Spanning Tree Port Configuration M enu 



Setting Port Priority and Path Cost 

Theport priority is a bridge spanning tree parameter that ranks each port. 
When two or more ports have the same path cost, the ST P selects the path with 
the highest priority (lowest numerical value). By changingthepriority of aport, 
you can makeit more or less likely to become the root port. The default value is 
128, and the range is 0-255. 

Port path cost is the bridge spanning tree parameter that assigns a cost factor to 
theport. The lower the assigned port path cost, the more likely theport is to be 
accessed. The default port path cost value is a result of the equation: 

path cost = 1000/LAN speed (in Mbps) 

Thus, for 10M bps ports, the assigned default port path cost is 100. For 
100M bps ports, the default port path cost is 10. And for 1000M bps ports, 
the assigned default port path cost is 1. The range is 1 to 65,535. 
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Use the following procedure to set the ST P Port Priority and Path Cost values: 

1 Access the Spanning Tree Port Configuration Menu by typ- 
ing p in the Spanning Tree Configuration M enu. 

2 Usethes, n, and pcommandsto select theport you want to 
configure. 

3 Type i to set the Port Priority. 
Type c to set the Port Path C ost. 

4 Enteravalueforthesettingyou aremaking. 

5 Press Return. 

The new Port Priority or Port Path Cost is displayed in the Spanning Tree Port 
Configuration M enu. 



SNMP and RMON Management 

TheSimpleN etwork M anagement Protocol (SN M P) may be used to manage 
the IntraC ore 6524. TheSN M P agent supports database objects that are 
defined in the following management information bases(M IBs): 

□ M IB II (RFC 1213) 

□ BridgeM IB (RFC 1493) 

□ RMON (RFC 1757) 4 groups- Ethernet Statistics, Ethernet History, 
Alarm, and Events (See next section for details) 

□ PrivateAsante6524 M IB 

AnySN M P-based network management application can beused to manage the 
IntraC ore 6524. For information on management of switches, refer to your 
SN M P software manual. 

Fordetailson console-based SN M P settings, see"SN M P Configuration" on 
page 3-16. 

RMON Management 

Remote N etwork M onitoring (RM ON ) allows the network manager to gather 
data on the network's traffic for future retrieval. RM ON isan Internet Standard 
defined in RFC1757. 
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Using RM 0 N , a network monitor (also called a probe) listensto traffic on the 
network and gathers statistics that may be retrieved later by a network 
management station using SN M P, as described in the previous section. 

The four groups of RMON that are supported by the I ntraC ore 6524 are 
described in thefollowing sub-sections. 

ThelntraCore6524 switches provide control of theRM ON groups only 
through SN M P. For information on controlling RMON groups, please refer to 
the documentation for your SN M P management application. 

For more information about RMON, please see RFC 1757, "Remote Network 
M onitoring M anagement Information Base," availablefrom theFTP site listed 
in AppendixA. 

Ethernet Statistics Group 

TheEthernet statistics group contains statistics measured on each port of the 
I ntraC ore 6524. These are cumulative counters that start at zero each time the 
IntraCore 6524 is reset. The Statistics Group is automatically implemented by 
the lntraCore6524. 

Ethernet History Group 

TheEthernet history group records periodic statistical samples from ports on 
the IntraCore 6524 and stores them for later retrieval. A network manager can 
use the data to analyze how network traffic has varied over a period of time. 

Alarm Group 

The alarm group takes periodic statistical samples from variables in the 
IntraCore 6524 and compares them to previously configured thresholds If the 
monitored variable crosses a threshold, an event is generated. 

Event Group 

The event group controls the generation and notification of events from the 
IntraCore 6524. The alarm and event groups together allow the network 
manager to configure RM 0 N so that if a particular statistic (such as the 
number of bad frames) goes higher than acertain level, the IntraCore 6524 will 
send a trap to its configured trap receivers, notifying the manager of the event. 
For information on configuring trap receivers, see"SN M P Configuration" in 
C hapter 3. 
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Security Management 

The I ntraC ore 6524's security management options are summarized in 
Table 4-2. 



Security Option 


Description 


Action 


Duplicated IP Detection 
(M onitoring) 


D etects the use of a single 1 P 
address by two stations. 


Detects and logs MAC 
addresses of both stations and 
the ports they accessed. 


n i ir\l i fahoH 1 D Trar\ 

UUpilCdtcu lr 1 1 cap 


jcl lUb U dp Wi LI 1 l v l Mt 

addresses of both stations and 
the ports they accessed. 


DtdtlOn l v l OVement 1 lap 


u etects tne movement or any 
end station from one port to 
another. 


Cot"i H c tr^r\ nil tV\ ("ho c4" ^if-i o n'c 

DmQ5 trap wnn tne stations 
M AC address and 1 P address 
(if available) and the switch's 
port numbers. 


Port New Node Trap 


Detects the connection of any 

[IcW UcVICc LO Lllc ScCUf cu pOI L. 


Sends trap with thenew node's 

l v l ML dUulcSS dllU 1 r dUUIci) 

(if available) and the port to 
which they are connected. 


Port Trusted MAC 
Address 


C reates a port-trusted MAC 
address for use by other secu- 
rity measures. 


None. 


Port 1 ntruder D election 
Trap 


Disallows traffic from MAC 
addresses not belonging to the 
port trusted MAC address set. 
Station movement is also disal- 
lowed. 


Sends trap with intruder's 
MAC address. 


Port Lock 


Disallows traffic from MAC 
addresses that do not belong to 
the port trusted M AC address 
set. Station movement is also 
disallowed. 


Disablestheportif an intruder 
isdetected. Sends trap with the 
port number, and the 
intruder's MAC address 
VLAN ID, and IP address (if 
available). 



Table 4-2 Security Management Options 
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To access the Security M anagement M enu, typet in the Configuration M enu. 
A screen similar to Figure 4-3 appears. 



IntraCore 6524 Security Management Menu 

Duplicated-IP Monitoring Status: Enable 
Duplicated-IP Trap Status: Enable 
Station Movement Trap Status: Disable 



<Cmd> <Description> 

p Port Security Configuration 

d Toggle Duplicated-IP Detection Enable/Disable 

i Toggle Duplicated-IP Trap Enable/Disable 

1 Display Duplicated-IP List 

s Toggle Station Movement Trap Enable/Disable 

r Reset All Security Configuration to Factory Default 

q Return to previous menu 



Command> p 



Figure 4-3 Security M anagement M enu 

Current Settings 

Thefollowing settings are displayed in the Security M anagement M enu screen. 



Setting 


Description 


Duplicated IP M onitoring Status 


Whether duplicated IP monitoring (detection) iscur- 
rently enabled or disabled. 


Duplicated IP Trap Status 


Whether duplicated IP trap is currently enabled or dis- 
abled. 


Station M ovementTrap Status 


W hether station movement trap is currently enabled or 
disabled. 



Table 4-3 Security Traps 

▲ I mportant! For any traps (alerts) to be sent, you must des- 
ignate oneor more devices as trap receivers. See "SN M P 
Configuration" in Chapter 3. 
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Duplicated IP Detection and Trap 

The duplicated IP detection and duplicated IP trap security measures allow you 
to monitor the use of a single IP address by two stations. 

If you enable duplicated IP detection, the switch starts monitoring the 
broadcast Address Resolution Protocol (ARP) traffic from all of its ports, to 
detect duplicated IP address conditions. When duplicate IPs are used on the 
system, the M AC addresses of both stations and the ports they accessed are 
logged. 

If you enable both duplicated IP detection and duplicated IP trap, the 
designated trap receiver gets an alert each time a duplicated IP address is used 
on the system. In order to send duplicated IP traps, duplicated IP detection 
must be enabled. 

By default, duplicated IP detection and trapping are enabled. 

Enabling and Disabling Duplicated IP Detection 

To enable or disable detection of duplicated IP addresses: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Typed to toggle duplicated IP detection. 

Enabling and Disabling Duplicated IP Trap 

To enable the sending of atrap when aduplicated IP is detected, you must first 
enable duplicated IP detection. See the previous subsection, "Enabling and 
Disabling Duplicated IP Detection." 

To enable or disable the sending of a trap when a duplicated IP is detected: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Type i to toggle duplicated I P trap. 

Viewing a List of Duplicated IP Addresses 

To view a list of duplicated IP addresses that have been detected at the 
lntraCore6524: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Type I to display the duplicated IP list. A screen appears, 
similar to Figure 4-4. 



Page 4-1 1 



Advanced Management 



+ +-+ +-+ 

IP Address I Owner MAC I P I Spoofer MAC I P 
+ +-+ +-+ 



192 


203 


54 


222 


00 


00 


94 


00 


00 


01 


1 


00 


00 


94 


00 


00 


02 


2 


192 


203 


54 


223 


00 


00 


94 


00 


00 


04 


3 


00 


00 


94 


00 


00 


02 


2 


192 


203 


54 


224 


00 


00 


94 


00 


00 


05 


4 


00 


00 


94 


00 


00 


02 


2 



End of Summary, Quit. 



Figure 4-4 Duplicated IP address list 

Enabling and Disabling Station Movement Trap 

The station movement trap security measure ensures that when any end station 
is moved from one switch port to another, an alert is sent to the designated trap 
receiver. Station movement is detected when a station's MAC address (already 
learned bytheswitch) appearson a different switch port. The station movement 
trap includes the station's MAC address and IP address (if available) and the 
switch's port numbers. 

By default, station movement trap is disabled. 

To enable or disable detection of the movement of a station on thelntraCore 
6524: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Types to toggle station movement trap. 
Configuring Port Security 

To access the Port Security Configuration M enu, type tin the Configuration 
M enu to accesstheSecurity M anagement M enu, then type p to access the Port 
Security Configuration M enu. A screen similar to Figure 4-5 appears. 
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IntraCore 6524 Port Security Configuration Menu Module: 01 Port: 01 
Port Security Info: 

[+: Port Security Enabled, -: No Port Security, !: Port Disabled By Security] 
Port Security Status: [01]+ [09] [17] [25]— XXXXXX 

Port Security Type: New Node Detection Trap [Security Level 1] 
Port New Node Detect Trap Status: [Enabled] 
Port Intruder Detect Trap Status: [Enabled] 
Port Trusted MAC Address: [N/A] 



<Cmd> <Description> 

u Set\Clear Port Security 

t Toggle Port Security Trap Enable/Disable 

i Insert/Modify Port Trusted MAC Address 

d Display Port Intruder Nodes 

h Port Security Help 

q Return to previous menu 



Corrmand> 

Select port Next port Prev port 



Figure 4-5 Port Security Configuration M enu 
Current Settings 

Thefollowing settings are displayed in the Port Security Configuration Menu 
screen. 



Setting Description 


Port Security Status 


Status of security for each port: enabled, disabled by setting, or 
disabled in response to a security intrusion. 


Port Security Type 


Level of port security enabled. There are three levels of security: 

• N ew node detection trap (security level 1) 

• Trusted MAC address forwarding with port lock 
(security level 2) 

• Trusted MAC address forwarding with intruder lock 
(security level 3) 


Port N ew N ode D etect 
Trap Status 


Whether port new node detect trap is currently enabled or dis- 
abled. 


Port 1 ntruder D etect 
Trap Status 


W hether port intruder detect trap is currently enabled or disabled. 


Port Trusted MAC 
Address 


MAC address currently specified as the port trusted MAC. 



Table 4-4 Port Security Configuration Settings 

Page 4-13 



Advanced Management 



Configuring Port New Node Detection Trap 

The port new node detection trap security measure (also called "port security 
trap") ensures that when any new device is connected to the secured port, an 
alert will be sent to the designated trap receiver. The new device is detected 
when it is connected to thelntraCore6524and its MAC address is recognized 
as one not present in the current address table. The information shown in the 
alert is the new node's MAC address and IP address (if available) and the port to 
which they are connected. 

Once a device has been connected and has generated traffic on the network, the 
trap will not be re-sent. If the switch ages out the M AC address of a connected 
device from its forwarding database, new traffic from that device will result in a 
new node trap being sent. The default age-out time is 300 seconds. You may 
reduce the number of traps sent by lengthening the age-out time, as explained 
in "Setting the MAC Address Age-Out Time" in Chapter 3. 

By default, New Node detection is disabled. 

To enable or disable detection of a new node on the system, you must first set 
the security level on a port or group of ports to 1. Then, if it is not already 
enabled, you must enable New Node detection. 

To set security level 1 on a port: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Type p to access the Port Security Configuration Menu, as 
shown in Figure 4-5. 

3 Select u to Set/C lear port security. 

4 Types to set security. 

5 Typethe numbers of the portsfor which you want to set the 
security. You can specify a single port, a series of port num- 
bers separated by commas, a range of ports shown with a 
hyphen, or a combination of ranges and single ports. For 
example, type 1-8, 14 to specify portsonethrough eight, 
and port fourteen. See H elp for more information. 

6 Type 1 for Port Security Level 1. 
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To enable New N ode detection: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Type p to access the Port Security Configuration Menu, as 
shown in Figure 4-5. 

3 Typetto chooseTogglePort Security Trap. 

4 Type 1 to toggle the new node trap (if it is not already 
enabled). 

Configuring Port Lock and Intruder Lock 

The port intruder security measure allows you to create a port-trusted M AC 
address that is the only station with full rights to direct traffic to the port. 
Attempts to send traffic to the port from other stations are regarded as security 
intrusions, and can be disallowed. The security measure may be enabled as a 
port lock (security level 2) or an intruder lock (security level 3). 

♦ Note: The three security levelsare mutually exclusive; a port 
can have either security levell, level 2, or level 3, but never a 
combination of security levels. 

To configure security level 2 or 3, you must specify the port-trusted M AC 
address. You can either specify the address directly, or direct the system to trust 
the address of the first station that addresses the port. By trusting the first 
station to address the port, you can configure port security before you know 
which system will ultimately use that port. 

When security level 2 (port lock) is enabled and an intruder attempts to direct 
traffic to theport, the port is immediately disabled. The port isthen re-enabled 
only by clearing the security level by management. 

When security level 3 (intruder lock) is enabled and an intruder attempts to 
direct traffic to the port, the switch locks out the intruder's MAC address; the 
port will not accept any traffic from that station. The intruder's address isthen 
re-enabled only by clearing the security level by management. 

▲ Important! If you set security level 2 or 3, you should also 
set the Intruder Trap. If you do not set thistrap, you will 
not receive notification that theport has been disabled. See 
"Setting the Intruder Trap" on page 4-16. 

By default, security levels 2 and 3 are both disabled. 
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Configuring Security Level 2 or Level 3 

To set security level 2 (port lock) or level 3 (intruder lock) on a port: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Type p to access the Port Security Configuration Menu, as 
shown in Figure 4-5. 

3 Use the commands at the bottom of the menu to navigate 
to the port you want to want to configure. 

4 Select u to Set/C lear port security. 

5 Types to set security. 

6 Type 2 to select Port Security with Port Lock, or 3 to select 
Port Security with I ntruder Lock. 

7 Type 1 to have the system trust the first station that 
addresses this port, or type 2 to enter a specific port-trusted 
M AC address. If you type 2, you are prompted to enter an 
address where the values are hexadecimal and separated by 
colons, as follows: xx:xx:xx:xx:xx:xx 

Setting the Intruder Trap 

If you set security level 2 or 3, you should also ensure the I ntruder Trap is set. 
Enabling thistrap directs the system to send an alert to thedesignated trap 
receiver when an intruder triesto access the port. To set the intruder trap: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Type p to access the Port Security Configuration Menu, as 
shown in Figure 4-5. 

3 Typetto chooseTogglePort Security Trap. 

4 Type 2 to toggle the new node trap (if it is not already 
enabled). 
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Inserting/Modifying a Port Trusted MAC Address 

W hen you set port security level 2 or 3 for a port, you specify the port-trusted 
MAC address. You can change that address for a port without completing all 
the steps to set the port security. 

To add or change the port-trusted MAC address: 

1 From the Configuration M enu, typetto accesstheSecurity 
M anagement M enu. 

2 Type p to access the Port Security Configuration Menu, as 
shown in Figure 4-5. 

3 Typei, then follow the instructions on the screen. 
Resetting Security to Defaults 

To reset the security measures on the I ntraC ore 6524 to the factory defaults, 
accesstheSecurity M anagement M enu by typing tin the Configuration M enu. 
Then type r to reset all of the security configurations that have been changed 
back to the factory-set defaults. These defaults and their meanings arediscussed 
in the sections on each security measure, earlier in this chapter. 
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VLAN Management 

A virtual LAN , or VLAN , isa logical grouping that allows stations to 
communicate as if they were physically connected to a single LAN , 
independent of the actual physical configuration of a network. 

ThelntraCore6524 supports port-based VLAN s, in compliancewith thelEEE 
802. 1Q standard. The following subsections descri be the concepts and details 
needed to configure and manage VLAN son I ntraC ore switches. 

VLAN Specifications for the IntraCore 6524 

T he I ntraC ore 6524 supports the fol lowi ng features of the I E E E 802. 1Q 



standard: 




□ 


Port-based VLAN management 


□ 


Up to 64 manually-configurable VLAN s 


□ 


Default VLAN 


□ 


VLAN creation and deletion 


□ 


VLAN port member addition and deletion 


□ 


VLAN untagged set addition and deletion 


□ 


Configurable VI D range: 2 to 4094 


□ 


Port VI D configurable range: 1 to 4094 


□ 


Port ingress filtering 


□ 


Port admit frame type 


□ 


Independent VLAN learning (IVL) 


□ 


Shared VLAN learning (SVL) 


□ 


GVRP for dynamic VLAN learning (to be supported; later versions) 


□ 


SingleSTP (Spanning Tree Protocol) spanning multipleVLAN s 


□ 


SN M P-based VLAN management 
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Other VLAN Features in IntraCore 6524 

□ VLAN management security 

□ VLAN MAC address insertion and removal 

□ Console U I management of V LAN s 

□ Web interface management of VLAN s 
The management operations allowed are: 



□ 


Creation 


□ 


Deletion 


□ 


Name configuration 


□ 


VI D change configuration 


□ 


Adding and deleting port members 


□ 


Adding and deleting untagged sets 


□ 


Sharing and unsharing VLAN s 


□ 


Inserting and removing MAC addresses 


□ 


Toggling management access 



Overview of VLANs 

T his section describes the concepts needed to configure and manageVLAN son 
IntraCore switches. 

Benefits of VLAN Management 

U nnecessary flooded traffic wastes bandwidth on a LAN , potentially clogging 
the network. Flooded traffic is traffic that is sent to all ports on theswitch 
because the destination isa broadcast or multicast address, or because the 
location of the destination is unknown. 

Traditional Layer-2 bridges and switches attempt to limit unnecessary flooded 
traffic by learning the addresses of stations on theswitch. But as traffic expands 
rapidly on today's networks, bandwidth wastage from Layer-2 flooding can 
easily become a network bottleneck. 

The traditional solution to the problem of broadcast flooding isto usea Layer- 
3 device like a router. The trade-offs that accompany the use of routers include 
higher initial cost, more latency with decreased network performance, and 
higher maintenance and configuration expenses 
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AVLAN localizes flooded traffic to parts of LAN segments rather than to a 
whole LAN . VLAN s offer a simple and efficient solution that enhances network 
performance, bandwidth utilization, and network security by localizing flooded 
traffic. 

Port-based VLAN s are the simplest of many VLAN approaches that solve the 
problem of unnecessary flooding. A port-based VLAN allows the administrator 
to assign individual ports on a switch to a VLAN . Any broadcast, multicast, or 
unknown unicast traffic received on a port in a VLAN is flooded only to the 
other portsin theVLAN rather than to all portsin the system. Port-based 
V LAN s greatly reduce unnecessary traffic in a network. 

For the most complete information about configuring VLAN s in an 802. 1Q 
environment, see the standard, availablefrom IEEE <tittp://www.ieee.org>. 

Tagged and Untagged Frames 

In a network with only one switch, the switch itself can keep track of which 
ports belong to which VLAN s. 

In a network with multiple switches, information about which VLAN an 
Ethernet frame belongs to must be attached to the frame. TheVLAN 
information is attached by inserting atag field in theframe, as defined in IEEE 
802. 1Q. The tag includes the VI D to identify the frame'sVLAN . When a port 
receives a tagged frame, it can then pass the frame to other port members of the 
sameVLAN . 

W hen you add a port to a V LAN , you can specify whether or not frames 
originating from that port will be tagged. If the port is configured to send 
tagged frames, then its traffic will be associated with theVLAN identified in the 
tags. 

If it receives an untagged frame, a port has no way to determine the originating 
VLAN . In that case, the port can be configured to send theframe asis, to 
arbitrarily assign a specific tag to theframe, or to drop theframe. 

Abbreviations 

The following abbreviations are used throughout this section. 



FID Filtering ID 

GARP Generic Attribute Registration Protocol 

GVRP GARP VLAN Registration Protocol 

ISL Inter- Switch Link 

MGMT Management 
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STP 



PVID 



A tagged port'sVLAN ID (range is 1 to 4094) 
Spanning Tree Protocol 



Tagged Frame Frame with 802. 1Q VLAN tag header 

Untagged Frame Frame either without a tag header, or with this header and 
withVID =0 



VLAN Groups 

A VLAN group is the sum total of ports on a switch that are assigned to a 
specific VLAN . lntraCore6524 supports 64 manually-configurable VLAN son 
thenetwork. Each switch maintains its own list of VLAN indexes between 1 
and 64. Each VLAN is uniquely identified by a 12-bit (1-4095) VLAN ID 



VID =1 is reserved for the default VLAN, and VID 4095 is reserved to 
accommodate egress filtering. No two VLAN scan have the same VID or 
VLAN index if they reside on the same switch. 

Two VLAN scan have the same VID and VLAN index if they reside on 
different switches. To connect V LAN s or V LAN groups on different switches, 
you must configure a port as an Inter-switch Link(ISL). (See "Configuring 
Inter- Switch Links") 

Default VLAN 

ThelntraCore6524 is configured by default with a single VLAN , with 
VID =1; by default, all portson theswitch areassigned to VLAN 1. By default, 
the ports are also in the VLAN 's untagged set, which meansthey send only 
untagged frames. T he effect isthat by default, aport isnot limited by any 
VLAN boundaries, and strips VLAN data from all frames on egress. 

Port VLAN ID 

Each port has a Port VLAN ID (PVID), which is used to determine where to 
send untagged frames. If the port receives an untagged frame, it passes the frame 
totheVLAN identified by the PVID . By default, aport has PVID =1, which is 
the same as the default VI D . 

If you specify that a port receives untagged and tagged frames, and also provide 
a PVID , the port will send all untagged frames to that VLAN . If you specify 
that a port drops all untagged frames, that specification sets the PVID to 4095. 



VID 



VLAN ID (range is 1 to 4095) 



(VID). 
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VLAN Port Membership and Untagging 

Port members can be added to and deleted from aVLAN Group viatheVLAN 
M anagement M enu (see "Configuring Static VLAN Groups" on page 4-26). 
When you add a port to a VLAN , you configure the port to determine its 
participation in theVLAN . 

The VLAN Untagged Set. W hen you add a port member to a V LAN , the port 
is added to the untagged set by default. This means the frames sent out on this 
port will be untagged. If you want the port to send tagged frames, you must 
delete the port from the VLAN 's untagged set (see "Specifying Tagging or No 
Tagging for a Port" on page 4-30). 

No port can transmit both tagged and untagged frames on the same VLAN . 
H owever, it is possible for a port to be a member of more than one VLAN , and 
to transmit tagged frames for one VLAN and untagged frames for the other. 

PVID - Egress Filtering. For a port that receives untagged frames, you can 
assign a Port VLAN ID (PVID ). Assigning a PVID determines that the port 
will send all untagged framesto theVLAN whoseVID matches the PVID (see 
"Configuring VLAN Port Attributes" on page4-31). 

Receive Frame Type. You can specify whether a port receives all frames, or 
only tagged frames. If a port is configured to receive only tagged frames, any 
untagged frames received by the port are dropped. In thiscase, thePVID hasno 
meaning, and it is set to 4095. Receiving only tagged frames is especially 
important for setting up inter-switch links (see "Configuring Port Receive 
FrameType" on page 4-33). 

Ingress Filtering. In addition to Receive FrameType, you can also specify that 
theport restricts traffic to only those tagged frames that haveaVID of aVLAN 
of which theport is a member. For example, assume the port is a member of 
only one VLAN - in thiscase, VLAN 1. Then theport will accept only those 
tagged frames that haveVID 1 (see "Enabling and Disabling Port Ingress 
Filtering" on page 4-33). 
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Inter-Switch Links 

An inter-switch link (ISL) isa port that connectsVLAN S that reside on two 
different switches. An ISL isthemeansto shareVLAN information between 
switches on a network. 

For example, consider the two-switch network in Figure 4-6, which connects 
the Ethernet segments, E-l through E-9. Assume port 1 on each switch is set up 
as default; it passes untagged frames. Also assume port 2 on each switch is 
configured to accept only tagged frames, which limits traffic to VLAN 1. In that 
case, VID 1 frames from E-l will never reach E-5. 

An ISL is necessary to connect VLAN 1 across the switches. The ISL is 
established by configuring port 1 asa member of VLAN 1 on both switch 1 and 
switch 2. Both instances of port 1 must transmit tagged frames, and atypical 
ISL is also configured to drop untagged frames. In that case, VLAN 1 is 
connected across the switches. 



Switch 1 



Switch 2 



2 3 4 5 



E-1 



E-2 



E-3 



E-4 



6 5 4 3 2 



VID 2 



VID 3 



VID 4 



VID 2 



VID 3 



VID 4 



E-5 



E-6 



E-7 



E-9 



Figure 4-6 An Inter- Switch Link 

The configuration of the ISL ports and the other ports on each switch 
determineshow tagged frames are transmitted across the switches. For example, 
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if you requi re frames from V LAN s 2 and 3 to cross the switches, the ports 
should have the following configuration for both switches: 



Per, 


Receive 
Frame Type 


Ingress 
Filter 


VI ANc 


UN Ldy btil 


PVID 


1 


802.1Q - Only 


Disabled 


V2,V3 


No 


4095 


2 


All Frames 


Disabled 


V2 


No 


V2 


3 


All Frames 


Disabled 


V3 


No 


V3 


4 


All Frames 


Disabled 


V4 


No 


V4 


5 


All Frames 


Disabled 


V4 


No 


V4 


6 (Sw 2) 


All Frames 


Disabled 


VI (Default) 


Yes 


VI 



In this case, V LAN 2andVLAN 3 arelinked across the switches. H owever, 
port 1 is not a member of V LAN 4, so frames from E-3 and E-4 cannot reach 
E-7 and E-8. In other words, VLAN 4 is not linked across the switches. And 
because port 1 accepts only tagged frames, any untagged frames from E -9 will 
not cross from switch 2 to switch 1. 

If you want VLAN 2 to passframesto and from E-9, you need to configure the 
ISL differently. For example, you could change port 1 on both switches as 
follows: 



- 


Receive 
Frame Type 


Ingress 
Filter 


VLANs 


Untagset 


- 


1 


All Frames 


Disabled 


V3 


No 


V2 








V2 


Yes 





In this case, if port 1 receives an untagged frame, it assigns the frame to VLAN 
2. That meansVLAN 2 will be flooded with frames from E-9. 

On the other hand, when port 1 transmits a frame from VLAN 2, it removes 
thetag. Since all theother ports accept untagged frames, those frames will flood 
VLAN 3 on both switches, and VLAN 4 on the originating switch. 

To see the menus and steps to configure an ISL, see "Configuring Inter- Switch 
Links" on page 4-33 
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Configuring VLAN Management 

To access theVLAN M anagement M enu, typev in the Configuration M enu. 
A screen similar to Figure 4-7 appears. 



IntraCore 6524 VLAN Management Menu 


VLAN Version: 1 VLAN Type: Port Based 


Max. Supported VLAN ID: 4094 Max. Supported VLANs: 64 


Number of VLANs Configured: 1 Number of Active VLANs: 1 


<Cmd> 


<Description> 


g 


GVRP Configuration 


s 


VLAN Group Static Configuration 


P 


VLAN Port Attribute Configuration 


d 


Display VLAN Groups Summary 


a 


Display Port VLAN Attribute Summary 


r 


Reset VLAN Configuration to factory default 


q 


Return to previous menu 


Command> 





Figure 4-7 VLAN M anagement M enu 

Current Settings 

Table4-5 describes each setting on theVLAN M anagement M enu. 





VLAN Version 


IEEE 802.10 version number. 


VLAN Type 


Port-based or SN M P-based. 


Max. Supported VLAN ID 


T he 1 ntraC ore 6524 supports 4094 VLAN IDs. 


Max. Supported VLANs 


T he 1 ntraC ore 6524 supports 64 V LAN s 


N umber of V L A N s C onfigured 


Number of VLANs currently present on the switch. 


N umber of Active VLAN s 


Number of VLANs currently active on the switch. 



Table 4-5 VLAN Management Settings 
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Configuring Static VLAN Groups 

To access theVLAN Group Static Configuration M enu, typev in the 
Configuration M enu to access theVLAN M anagement M enu, then typesto 
access theVLAN Group Static Configuration Menu. A screen similar to 
Figure 4-8 appears. 



IntraCore 6524 VLAN Group Static Configuration Menu VLAN Index: [01] 


Module Port List 1 8 9 16 


17 24 25 32 


1 +: static ++++++++ ++++++++ 


++++++++ ++XXXXXX 


VID: 0001 Created By: Mgmt 


Name: Default VLAN 


Sharing ID: 0000 Mgm Access: Enable 


Status: Active, Independent 


<Cmd> <Description> <Cmd> 


<Description> 


c Create VLAN r 


Remove VLAN 


e Set VLAN Name t 


Toggle Mgmt Access 


a Add Port Members d 


Delete Port Members 


m Move ports to this VLAN 




Command> 




Select VID Next VLAN Prev VLAN Advanced Config Help Quit 



Figu re 4-8 VLAN Group Static Configuration M enu 

Navigate to theVLAN that you want to configure by typing a command as 
shown at the bottom of the screen. With the Select command, you select a 
VLAN by its index; you can type the index of an existing VLAN , or the index 
of aVLAN you will create. 
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Current Settings 

Table4-6 describes each setting on theVLAN Group Static Configuration M enu 
screen. 





VLAN Index 


TheVLAN Index of the VLAN group for which the information 
on the screen applies. The index is maintained by the system, and 
is not necessarily the same as the V 1 D . 


Port List 


Shows each port's current membership status for thisVLAN 
group. 


VID 


VLAN ID. 


FID 


Filtering ID. 


C reated By 


Creator of thisVLAN group; either Mgmt or GVRP. 


M gm Access 


W hether management access is currently enabled or disabled. 


Name 


The name arbitrarily assigned to theVLAN group. 


Status 


Whether theVLAN group is active or inactive, and whether inde- 
pendent learning or shared learning of addresses is enabled. 



Table 4-6 VLAN Group Static Configuration Settings 



Creating a VLAN 

To createaVLAN , you must first find afreeVLAN index. From theVLAN 
Group Static Configuration Menu, typed. This command displays a list of all 
theVLAN indexes and VIDsthat are currently in use. Decideon theindexand 
VID you want to use for the new VLAN. 

To create the VLAN : 

1 Type s to select a VLAN , and then enter the VLAN index 
you decided to use. You will noticethattheVID for an 
unused VLAN isOOOO. 

2 Type c to create the new VLAN and enter the VID you 
want to use. 

3 Enter a name for theVLAN . 
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4 Enter the portsto assign to theVLAN . 

To make more than one assignment, separate each one with 
a comma. For example, 8,11 specifies ports 8 and 11. To 
specify a range of ports, use a hyphen. For example, 1-3, 8, 
11 specifies ports 1, 2, 3, 8, and 11. See H elp for more 
information about specifying modules and ports 

Removing a VLAN 

To remove theVLAN , from theVLAN Group Static Configuration M enu, 
types to select theVLAN , then type r to remove it. 

Naming a VLAN 

To name theVLAN , from theVLAN Group Static Configuration M enu, 
typesto select theVLAN , then typee. Follow the instructions on thescreen. 

Enabling and Disabling Management Access 

T he I ntraC ore 6524 supports configurable management access for V LAN s. 

By default, management access is enabled, and all devices connected to the 
switch in aVLAN can communicate with theswitch management agent. 

▲ Important! You can disable management access for a 
VLAN . If security is a concern for members of a particular 
VLAN, disabling management accessfor that VLAN will 
prevent any member of that VLAN from attempting to 
change the switch's configuration. See "Enabling and Dis- 
abling M anagement Access." 

To enableor disable management accessfor this VLAN , from theVLAN Group 
Static Configuration M enu, typesto select theVLAN , then type t to toggle 
management access 

Adding Port Members 

To add ports as members of theVLAN , from theVLAN Group Static 
Configuration Menu, type a. Follow the instructions on thescreen to enter the 
portsto assign to theVLAN . Adding a port to a VLAN does not affect the 
port's status on any other VLAN. 

Deleting Port Members 

To delete ports as members of theVLAN , from theVLAN Group Static 
Configuration M enu, typed. Follow the instructions on thescreen to enter the 
portsto assign to theVLAN . Deleting a port from aVLAN does not affect the 
port's status on any other VLAN . 
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Moving Ports to This VLAN 

To move ports to thisVLAN , from theVLAN Group Static Configuration 
M enu, type m. Follow the instructions on thescreen to enter the portsto assign 
to the VLAN . M oving a port to a VLAN removes that port from any other 
VLAN on the switch. 

Advanced Static VLAN Configuration 

To access the Advanced Group Static Configuration M enu, type v in the VLAN 
Group Static Configuration M enu. A screen similar to Figure 4-8 appears. 



IntraCore 6524 VLAN Group Advanced Static Config. Menu 


VLAN Index: [01] 




Module Port List 1 8 9 16 


17 24 25 32 


1 +: static ++++++++ ++++++++ 


++++++++ ++XXXXXX 


VID: 0001 Created By: Mgmt 


Name: Default VLAN 


Sharing ID: 0000 Mgm Access: Enable 


Status: Active, Independent 


<Cmd> <Description> <Cmd> 


<Description> 


a Add Untagged Ports d 


Delete Untagged Ports 


Command> 




Select VID Next VLAN Prev VLAN 


Help Quit 



Figure 4-9 Advanced Group Static Configuration M enu 



Page 4-29 



Advanced Management 



Current Settings 

Table4-6 describes each setting on theAdvanced Group Static Configuration 
M enu screen. 





VLAN Index 


TheVLAN Index of the VLAN group for which the information 
on the screen applies.Theindexismaintained by the system, and 
is not necessarily the same as the V 1 D . 


Port List 


Shows each port's current membership status for this VLAN 
group. 


VID 


VLAN ID. 


Sharing ID 


Filtering ID. 


C reated By 


Creator of this VLAN group; either M gmt or GVRP. 


M gm Access 


W hether management access is currently enabled or disabled. 


Name 


Thenamearbitrarily assigned to theVLAN group. 


Status 


Whether the VLAN group is active or inactive, and whether inde- 
pendent learning or shared learning of addresses isenabled. 



Table 4-7 VLAN Group Static Configuration Settings 



Specifying Tagging or No Tagging for a Port 

Each VLAN maintains a list of ports that do not send tagged frames. When you 
add a port member to a VLAN , it is added to the untagged set by default. This 
means the frames sent out on thisport will beuntagged. 

If you want to restrict the port to sending only tagged frames on a given VLAN , 
you must delete the port from theVLAN 's untagged set. 

To delete a port from the untagged set, typed in the Advance Group Static 
Configuration M enu. Then enter themoduleand port description. 

To add a port to theVLAN 's untagged set, type a in the Advance Group Static 
Configuration Menu. Then enter themoduleand port description. 
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Configuring VLAN Port Attributes 

To access theVLAN Port Configuration M enu, typev in the Configuration 
M enu to access the VLAN M anagement M enu, then type p to access the 
VLAN Port Configuration M enu. A screen similar to Figure 4-10 appears. 



VLAN Port Configuration Menu Module Type: [24-100TX/RJ45] 
IntraCore 6524 VLAN Port Configuration Menu Module: 01 Port: 01 

Port VLAN Membership Info (+ : Member, -: Non Member) : 
VLAN Index : 1+ 9 17 25 



33 41 49 57 

Port VLAN ID (PVID) : 4095 Port GVPP Status: Disabled 

Port Frame Type: 802. 1Q Tag Port Ingress Filtering: Disabled 

<Cmd> <Description> 

c Change Port VLAN ID 

o Add/Delete VLANs to/from Port 

f Toggle Port Ingress Filtering Enable/Disable 

t Toggle Port Receive Frame Type 

q Return to previous menu 



Command> 

Select port Next port Prev port 



Figure 4-10 VLAN Port Configuration M enu 

N avigate to the port that you want to configure by typing a command as shown 
at the bottom of the screen . 
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Current Settings 

Table4-8 describes each setting on theGVRP Port Configuration M enu screen. 







M odule 


ThelntraCore6524 module for which the information on the 
screen applies. (Always module 1.) 


Port 


The port for which the information on the screen applies. 


Port VLAN Member- 
ship Info 


Shows each VLAN index's current membership status for this 
port. 


PortVLAN ID (PVID) 


Thisport'sVLAN ID. 


Port Frame Type 


W hether the port currently receives all frames (tagged and 
untagged) or only 802.10 tagged frames. 


Gvrp Failed Reg. Count 


The number of times the system has failed to dynamically register 
aVLAN . Failure usually indicates the maximum number of 
VLAN S has been reached. 


Port Ingress Filtering 


W hether ingress filtering is currently enabled or disabled on this 
port. 



Table 4-8 VLAN Port Configuration Settings 
Setting the PortVLAN ID 

PortVLAN ID (PVID) is used for VLAN classification of incoming untagged 
frames and has meaning only when a port is configured to receive both 
untagged and tagged frames. It is used to assign untagged frames to theVLAN 
identified by thePVID. 

By default, each port on the switch hasaPVID of 1 (the default VLAN ). The 
allowed PVID range is 1 to 4094. For ports that are configured to receive only 
tagged frames, thePVID is meaningless and theport isassigned aPVID 
of 4095. 

For ports that are members of more than one VLAN , received frames are 
assigned as follows: 

□ A tagged frame is forwarded totheVLAN matching theVID in the 
tag field of the frame 

□ An untagged frame is forwarded totheVLAN matching the PVID 

TosettheVLAN ID for the port, from the VLAN Port Configuration M enu, 
typei. Follow the instructions on the screen. 
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Adding and Deleting VLANs from the Port 

To add VLAN s to the port or delete V LAN s from the port, from the VLAN 
Port Configuration M enu, typeo. Follow the instructions on the screen. 

Enabling and Disabling Port Ingress Filtering 

By default, a port will accept and forward tagged frames whether or not the port 
isa member of a VLAN matching the VI D of the tagged frame. 

If ingress filtering is enabled, incoming tagged frames are forwarded only if the 
port isa member of theVLAN matchingtheVID of the tagged frame. All other 
frames are dropped and no addresses will be learned. 

To enableor disable ingress filtering on theport, from theVLAN Port 
Configuration M enu, typef to toggleport ingress filtering. 

Configuring Port Receive Frame Type 

By default, all ports on the I ntraC ore 6524 receive both 802. 1Q tagged frames 
and untagged frames. A port may be configured to receive only 802. 1Q tagged 
frames. This configuration isa necessary part of Inter- Switch Link (ISL) 
configuration (see "Configuring Inter- Switch Links"). 

If a port is configured to receive only tagged frames, any untagged frames 
received by the port are dropped and the source address of the untagged frames 
is not learned. 

Incoming tagged frames are forwarded to the VLAN whoseVID isincludedin 
the tag header of the frame. See "Enabling and Disabling Port Ingress Filtering" 
for more information about forwarding and filtering of received tagged frames. 

To toggletheport between receiving all frames and receiving only tagged 
frames, from theVLAN Port Configuration M enu, typet. 

Configuring Inter-Switch Links 

An inter-switch link (ISL) isa port that connects V LAN s from two different 
switches; it's the means to shareVLAN information between switches on a 
network. 

To configure a port as an ISL, you must do thefollowing: 

□ Add the ISL port to each VLAN that is shared by the two switches. 
This configures the port to share theVLAN traffic between the two 
switches. 
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□ For each V LAN , remove the I SL port from the V LAN 's set of 
untagged ports. By default, when you add a port to aVLAN , the port 
will send tagged and untagged frames. Removing the port from the 
untagged set configures the port to send only tagged frames. 

□ In most cases, configure the I SL port to receive tagged frames. A port 
that is configured to receive only tagged frames will drop untagged 
frames. 

Once the port is configured as an ISL it will pass frames from switch to switch, 
but it can act as a gate that passes only frames associated with specific V LAN s. 

Adding an ISL Port to VLANs 

You add a port to a V LAN intheVLAN Static Group Configuration M enu. 

1 Type v in the Configuration M enu to access theVLAN 

M anagement M enu, then typesto access theVLAN Group 
Static Configuration M enu. 

2 Use the commands on the bottom of themenu to select the 
VLAN you want. 

3 Once you select a VLAN , typea. Then enter the module 
and port to assign to theVLAN . To specify module and 
port, separate them with a colon. For example, 1:8 assigns 
port 8 of module 1. 

4 Repeat steps 2 and 3 for each V LAN that is part of the I SL. 

Configuring Tagging for the ISL Port on Each VLAN 

You specify tagging for a port in the Advance Group Static Configuration 
M enu. 

1 Type v in the Configuration M enu to access theVLAN 

M anagement M enu, then typesto access theVLAN Group 
Static Configuration M enu. 

2 Use the commands on the bottom of themenu to select the 
VLAN you want. 

3 Typevto display theAdvanced Group Static Configuration 
M enu. 

4 Typed, then enter the module and port description for the 
ISL port. This removes the port from theVLAN 'suntagged 
set. 
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Configuring the ISL Port to Receive Tagged Frames 

You configure a port to receive tagged frames in the VLAN Port Configuration 
M enu. 

1 Type v in the Configuration M enu to access theVLAN 

M anagement M enu, then type p to access theVLAN Port 
Configuration M enu. 

2 Use the commands on the bottom of themenu to select the 
module and port you want. 

3 To toggle the port between receiving all frames and receiv- 
ing only tagged frames, from theVLAN Port Configuration 
M enu, typet. 

Displaying a Summary of VLAN Groups 

To view a summary of VLAN groups, type v in the Configuration M enu to 
accesstheVLAN M anagement M enu, then typed to access the VLAN Group 
Summary. A screen similar to Figure 4-11 appears. 



IntraCore 6524 VLAN Groups Summary 

+ + + + + + + 

I Index | VLAN ID | Mgmt Access I Created By | Sharing ID | Status I 
+ + + + + + + 

1 1 Enable Mgm Action 0 Active, Independent 

2 1024 Enable Mgm Action 1 Inactive 

End of VLAN Summary, Quit 



Figure 4-11 VLAN GroupsSummary 
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Displaying a VLAN Port Summary 

To view a module port VLAN summary, typev in the Configuration M enu to 
access the VLAN M anagement M enu, then type a to access the Port VLAN 
Attribute Summary. A screen similar to Figure 4-12 appears. 



IntraCore 6524 Module 1 Port VIAN Info 



+-- 




--+= 




=+ = 


Port I 


PVID 


Tx/Rx 


I Ingress 


Number 




I Frame Type 


I Filtering 


1 


4095 


1 802 


1Q Tag 


1 Disabled 


2 


0001 


All 


Frames 


1 Disabled 


3 


0001 


All 


Frames 


1 Disabled 


4 


0001 


All 


Frames 


1 Disabled 


5 


0001 


All 


Frames 


1 Disabled 


6 


0001 


All 


Frames 


1 Disabled 


7 


0001 


All 


Frames 


1 Disabled 


8 


0001 


All 


Frames 


1 Disabled 


9 


0001 


All 


Frames 


1 Disabled 


10 


0001 


All 


Frames 


1 Disabled 


11 


0001 


All 


Frames 


1 Disabled 


12 


0001 


All 


Frames 


1 Disabled 


13 


0001 


All 


Frames 


1 Disabled 


14 


0001 


All 


Frames 


1 Disabled 


15 


0001 


All 


Frames 


1 Disabled 


16 


0001 


All 


Frames 


1 Disabled 



Quit Next Page Select Module Previous Module next Module 



Figure 4-12 Port VLAN Info screen 

To view the summary for other modules, type a command as shown at the 
bottom of the screen. 

Resetting VLAN Configuration to Defaults 

To reset the security measures on the I ntraC ore 6524 to the factory defaults, 
access theVLAN M anagement M enu by typing v in the Configuration M enu 
Then typerto reset all oftheVLAN configurations that have been changed 
back to the factory-set defaults. 



Page 4-36 



Multicast Traffic Management 



Multicast Traffic Management 

M ulticast traffic is a means to transmit a multimedia stream from the internet (a 
video conference, for example) without requiring aTCP connection from every 
remote host that wants to receive the stream. The stream is sent to the multicast 
address, and from there it's propagated to all interested parties on the internet. 

Traditional IP communication allows a host to send packets to a single host 
(uni cast transmission) or to all hosts (broadcast transmission). IP multicast 
provides a third scheme, allowing a host to send packets to a subset of all hosts 
(group transmission). 

Multicast Addresses 

M ulticasts are sent to special IP addresses in the range from 224.0.0.0 through 
239.0.0.0. These are also called "ClassD" addresses. The IP multicast address 
always begins with the four bits 1110 (which identifies the address as a 
multicast). The remaining 28 bits of the multicast address specify the individual 
multicast group. 

When an end station wants to join in an IP multicast group, it binds the 
multicast address of that group to its network interface. When a node is using 
an IP multicast address it also uses an Ethernet multicast address. Ethernet IP 
multicast addresses begin 01:00:5e. The remaining 24 bits are the lowest 24 bits 
of the IP multicast address. There is not a 1-to-l mapping of IP multicast 
addresses to Ethernet multicast addresses. 

When configuring a V LAN for multicast traffic, you specify the Ethernet 
address for the multicast group. (See"M ulticast Forwarding Database 
Configuration" on page 4-40.) 

IGMP 

Communication on a LAN between end stationsand routers is managed by the 
Internet Group M anagement Protocol (IGM P). For complete information 
about IGM P, see RFC 1112, "H ost Extensions..." and RFC 2236, "Internet 
Group M anagement Protocol, Version 2" <ftp://ftp.isi.edu/in-notes/ 
rfc2236.txt>. 

A router that supports multicast and IGM P sends periodic messages called 
"queries" on its LAN interfaces. These queries inquire if any end stations want 
to join a multicast group. End stations signal their desire to join the multicast 
group by responding with an IGM P "report." By using a multicast routing 
protocol, such as Protocol-Independent M ulticast (PIM ), routers maintain 
forwarding tables that they use to forward multicast datagrams. 
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Packets delivered to members of the multicast group are identified by a single 
multicast group address. Any host, regardless of whether it is a member of a 
group, can send to a group. However, only the members of a group receive the 
message. M embership in an IP multicast group is dynamic; hosts can join and 
leave at any time. There is no restriction on the location or number of members 
in a multicast group. A host can beamember of more than onemulticast group 
at a time. 

IGMP Snooping 

A traditional Layer-2 switch isunableto determine which end stationson the 
LAN are interested in which multicast groups. To avoid unnecessary flooding, 
the switch may useIGM P Snooping. That means the switch listens to IGMP 
messages to learn which ports want multicast traffic from which multicast 
groups. The switch inserts the correct Ethernet multicast address into the 
forwarding tablefor the ports where an end station hasjoined a multicast 
group. 

Configuring Multicast Traffic Management 

T he M ulticast Traffic M anagement M enu allows you to set up group 
transmission. To access the M ulticast Traffic M anagement M enu, typec in the 
Configuration M enu. A screen similar to Figure 4-13 appears. 



IntraCore 6524 IP Multicast Traffic Management Menu VLAN Index: [01] 
IP Multicast Forwarding Database 



IP Multicast Address Count : 1 

IGMP Status : [Enabled] 

IGMP Proxy Report Forward : [Disabled] 

Query Port Info: [+: Query Port -: Non-Query Port] 

Query Port List: [01] [09] [17] [25]— XXXXXX 



<Cmd> <Description> 

i Toggle IGMP Enable/Disable 

x Toggle IGMP Proxy Report Forward Enable/Disable 

m IP Multicast Forwarding Database Configuration 

d Display Group Addresses 

a Display Group Addresses in All VLAN 

q Return to previous menu 



Command> 

Select VLAN Next VLAN Prev VLAN 



Figure 4-13 IP M ulticast Traffic M anagement M enu 
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Current Settings 

Table4-9 describes each setting on the M ulticast Traffic M anagement M enu. 







MulticastGroupAddress 
Count 


The number of multicast group addresses in the forwarding 
table. 


IGM P Snooping 


Whether IGM P Snooping isenabled or disabled. 



Table 4-9 IP Multicast Traffic Management Settings 

Enabling and Disabling IGMP Snooping 

To enableor disable I G M P Snooping on the IntraC ore 6524, from the 
M ulticast Traffic M anagement M enu, typei to togglethe status of IGM P 
Snooping. 

Displaying a Summary of Group Addresses 

To display a list of multicast group addresses for the current V LAN , from the I P 
M ulticast Traffic M anagement M enu, typed. A screen similar to Figure 4-14 
appears. 





Multicast IP Addr 


Action | 


+ 

224.60.60.60 


\- + 

IGMP 


224.70.70.70 


IGMP 


224.80.80.80 


IGMP 


224.90.90.90 


Mgm Action 


End of Surrmary, 


Quit 



Figure 4-14 Summary of G roup Addresses for the current V LAN 

To display a list of all multicast group addresses, from thelP M ulticast Traffic 
M anagement M enu, type a. A screen similar to Figure 4-15 appears. 
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Multicast IP Addr 



VID 



Action 



224.60.60.60 
224.70.70.70 
224.80.80.80 
224.80.80.80 
224.90.90.90 



0001 
0001 
0001 
0002 
0002 



Mgm Action 
Mgm Action 
Mgm Action 
Mgm Action 
Mgm Action 



End of Summary, 



Quit 



Figure 4-15 Summary of All Group Addresses 



Multicast Forwarding Database Configuration 

The M ulticast Forwarding Database lists addresses of multicast groups, and 
assignsthem to specific VLANs. It also lists the ports within aVLAN that can 
receive traffic from the multicast address. 

To access theM ulticast FDB Configuration M enu, typec in the Configuration 
M enu to display the IP M ulticast Traffic M anagement M enu. Then typem. A 
screen similar to Figure 4-16 appears. 



IntraCore 6524 IP Multicast FDB Configuration Menu VLAN Index: [01] 

IP Multicast Address: 224.90.90.90 
Created By: Mgm Action 

Group Member Info: [ +: Member -: Not Member ] 

Member Port List: [01]-+++ [09] [17] [25]— XXXXXX 

<Cmd> <Description> 

0 Add/Delete Ports 

1 Insert Multicast IP Addr 
r Remove Multicast IP Addr 
q Return to previous menu 



Command> 

Select VLAN Next VLAN Prev VLAN Select Addr Next Addr Prey Addr 



Use the commands at the bottom of the menu to select a VLAN or M ulticast 
Group address. 
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Adding Ports to the Selected Address 

To add or delete ports belonging to the multicast group: 

1 Select the V LAN that contains the ports and the address. 
Type sand follow the instructions. 

2 Select the M ulticast G roup address. Type s and follow the 
instructions. 

3 Typeo and follow the instructions. 
Inserting a Multicast Group Address 

Inserting an address adds the address to the list of M ulticast Groups for the 
current V LAN . The addresses begin 01:00:5e. The remaining 24 bits are the 
lowest 24 bits of the IP multicast address. 

To insert an address: 

1 Select the VLAN to which you will assign the new address. 
Type sand follow the instructions. 

2 Typei and follow the instructions to add the new address. 

Removing a Multicast Group Address 

To remove an address: 

1 SelectaVLAN from which you will remove the address. 
Type sand follow the instructions. 

2 Type rand follow the instructions to remove the address. 
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Web Browser Management 



This chapter tells how to manage the I ntraC ore 6524 by means of a Web 
browser, usingWeb pages to monitor and configure the switch. 

M ost of the options and functions provided by Web browser management are 
similar to those of the Local M anagement Interface. For additional detailsabout 
managing the I ntraC ore 6524, refer to C hapter 3, "Configuration," and 
Chapter 4, "Advanced M anagement." 

▲ Important! To useWeb browser management, the 
IntraCoremust be configured with an IP address. For 
instructions on assigning an IP address to the switch, 
see "Configuring for M anagement" on page 2-8. 

▲ Important! TheWeb browser interface to thelntraCore 
6524 is disabled by default. To enable the Web browser 
interface, use the User Interface Configuration Menu (see 
"User Interface Configuration" on page 3-46). 

Accessing with a Web Browser 

Once you have assigned theswitch an IP address and enabled theWeb browser 
interface, you can useaWeb browser to manage thelntraCore 6524. 

To access the HTTP server: 

1 Locate a computer with an I nternet connection and func- 
tioning World Wide Web browser and open the browser. 

2 Type the switch IP addressin theURL field, then press 
Return. 

3 Enter user name IntraCoreand a password. The password 
is the same as the current console password. (The default 
password isAsante.) 

4 Press Return. TheWeb Browser M anagement Overview 
page appears, as shown in Figure 5-1. 
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ASAME 



Port Conf ig 



Duplicate IP 




M 6 8 10 IE 1H 16 IS £0 ^^ £H 



IntraCort ' 6S24-2G 



1 3 5 T 1 11 13 IS 17 11 21 



C ontac t email address: sup-|!0rt@asante .c om 
Telephone: 300.622,7464 
Fax: 801 .566.3787 

Copyright ©2000, As&nti3 Technologiesj Inc . All Rights Reserved. 



Figure 5-1 Web Browser M anagement 0 verview page 

TheWeb Browser M anagement Overview page contains a sidebar with ten 
management option buttons, and a view of the IntraCorefront panel that 
displays real-time I ntraC ore 6524 operating information. 



♦ Note: Thebrowser pagesshown in this chapter aretypical 
of those used forthelntraCore, and settings are given only 
as examples. T he user must configure the I ntraC ore with 
parameters that are specific to the user's application and site 
requirements. 
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Management Buttons 

The buttons on the left provide the following options: 



□ 


Front Panel 


□ 


Genl Info (General Information) 


□ 


Statistics 


□ 


Port Config (Port Configuration) 


□ 


Span Tree (Spanning Tree Protocol Configuration 


□ 


SN M P (Simple Network M anagement Protocol) 


□ 


AddrTable (IP/MAC AddressTable) 


□ 


VLAN (Virtual LAN Configuration) 


□ 


Security 


□ 


Duplicate IP (Duplicate IP Trap Log) 



Thefollowing sectionsdescribe and explain the pages that are displayed when 
you click each of the buttons. 

Front Panel Button 

This button opens (or refreshes) the Web Browser M anagement Overview page. 
Thisisthetop-level or opening page. The Web Browser M anagement Overview 
pageisshown in Figure 5-1 and contains the following elements: 

□ Front panel display 

□ Port activity indicator 

□ Port selector feature 
Front Panel Display 

Thefront panel graphic displays theimage of the connected switch, itsLED 
panel, and the active data ports. 

Port Activity Indicator 

Thefront panel LED display simulates thelntraCorein real-time operating 
mode. The display approximates all switch activity as it occurs. 
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Port Selector Feature 

If you point the cursor to a port connector and click the mouse, a port-specific 
page is displayed, which shows the selected port's configuration and traffic 
statistics 




03 * Auto -> Manual fiBfflHH 



Fort Continuation 

Link Status: Uplo0/FULL 

Media Type: ^ 

r°rt Status: | Enab , e . j 

Auto Negotiation: | Enab | e 

Flow Control: | D|sab | e . | 

Port Default Priority: I 0 ' (L0WeSt > 1 



Security : 

Level f~r, 

[ None 



ZJ 



Fort Statistics 



Rx Counters: 

TOM 

Frames: 

Bytes: 

Dropped 

Frames: 

Frame 



Multicast 
Broadcast 

64- Byte 
Pkts: 

65- 127 
Pkts: 
128-255 
Pkts: 
256-511 
Pkts: 
512-1023 
Pkts: 
1024-1518 
Pkts: 

Collisions: 
Collisions: 



Errors: 

Undersize d Pkts: 
Oversize d Pkts: 
CRC/Align: 
Fragments: 
FCS: 

Late Events: 
Total 



5 

12 



Figure 5-2 Port Configuration and Statistics page 
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Genl Info (General Information) Button 

Thisbutton opens the I ntraC ore's General Information page, as shown in 
Figure 5-3. The page has six sections, which are listed at the top of the page. 
To view another section, click a link at the top of thepageor scroll down. The 
General Information parameters are described fully in "Viewing General 
Information" on page 3-4. 



) Software Version W Switch Address 

I Administrative Information Of Bootstrap Information 

I Syste m Information 9 Syste m Clock 



General Information 

Software Version: 

Running I mage Version/Date: l.OOG/Aug 29 2000 11:13:55 

Bank 1 Image Version/Date: l.OOG/Aug 29 2000 11:13:55 (Running) 
Bank 2 Image Version/Date: 1, 00F/ Aug 24 2000 14:09:25 

Administrative Information: 



Switch Name: 



r 

Switch Location: j- 
Switch Contact: r 



[ Apply Changes | | Restore ) 



System Information: 



Figure 5-3 General Information page 
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Statistics Button 

Thisbutton opens the Statistics page, which presents a graphical image of the 
I ntraC ore statistics, as shown in Figure 5-4. On thispage, theusercan view 
system statistics sincethe last system reset. For a description of the statistics 
counters, see "Viewing Statistics" on page 3-50. 




Figure 5-4 Statistics- Bar Chart 
The following features allow you to modify the statistics bar chart. 

□ Up-Down Arrows - The left-most up and down arrows let you scroll 
the screen up to view the counter graph. T his is useful when the 
counters have run off thescreen due to the system having been up for 
a long time. 

□ Right-Left Arrows -These arrows beneath theBarChart let you view 
the statistics for different ports on the same module (if the Port radio 
button is selected) or ports in different modules (if the M odule radio 
button is selected). 

□ SinceUp Button - Brings up a graph of the total packets/ bytes 
switched on the ports since the switch was last reset or powered on. 

□ RateButton- Displays the rate of the packets or bytes per port. 

□ Since Rst - Displays the packets/bytes switched si nee the manage- 
ment counters were last reset or cleared. 



Page 5-6 



Statistics Button 



□ Reset - Clearsthecountersforfuturesamplings. 

□ Counters - Displays the statistical counters of the associated view, 
since up or since reset, as shown in Figure 5-6 and Figure 5-7. 

♦ Note: You mayalsoviewasummaryoftheframesperport 
by placing the cursor on the desired bar. A box with the sta- 
tistics appears. 

To see either a line graph or a table display of the system's statistics, click on a 
bar, then choose the option you want from the pop-up menu at the top of the 
Statistics page, and click Apply. 

In Figure 5-5, theReceived Frames statistics for a single port aredisplayed in a 
linegraph. 
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In Figure 5-6, a summary of the counters for a port is displayed in tableformat. 



Statistics 






I Table H 


Apply 














BPORT5-5: Sampling Interval (seconds) |2 j-JI RESET II 
























Total RX Pkts 


7 


7 


7 


50,191 










Total RX Bytes 


763 


763 


763 


5,280,555 




Dropped Pkts 


0 


0 


0 


2 




Good Broadcast 


0 


0 


0 


4,718 




Good Multicast 


0 


0 


0 


3,130 




Undersize Pkts 


0 


0 


0 


0 




Oversize Pkts 


0 


0 


0 


0 




CRC/Align Errs 


0 


0 


0 


0 




Fragments 


0 


0 


0 


0 




FCS Errors 


0 


0 


0 


0 




Collisions 


0 


0 


0 


0 
















& Group 'B Port 


|;| 















Figure 5-6 Summary of counters for a port 
In Figure 5-7 the counters for a port are displayed in bar graph form. 




Figure 5-7 Bar graph of counters for a port 
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Port Config (Port Configuration) Button 

This button opens the Port Configuration page, which provides a 
comprehensive overview of the status of each port on the I ntraC ore, as shown 
in Figure 5-8. The configuration page for any individual port can be accessed by 
single clicking on the associated blue number in the right or left hand margin. 



Port Configuration 



■ Click on the Module - Port mmVbpt to go to the port configuration settktgpage 



1 


Module -Port 


State 


Port status 


T wik status 


Type 


Mode 


Module -Port 


iTi 


F oiwaiding 


Enabled 


Down 


TX 


10/Half 


in 


1-2 


F oiwaiding 


Enabled 


Down 


TX 


10/Half 


1-2 


1-3 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-3 


1-4 


F oi warding 


Enabled 


Down 


TX 


10/Half 


1-4 


1-5 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-5 


1-6 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-6 


1-7 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-7 


1-8 


P oiwaiding 


Enabled 


Down 


TX 


10/Hali 


1-8 


1-9 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-9 


1-10 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-10 


1 11 


Foiwaiding 


Enabled 


Up 


TX 


1O0/FUIX 


1-11 


1-12 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-12 


1-13 


F o*waiding 


Enabled 


Down 


TX 


10/Hali 


1-13 


1-14 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-14 


1-15 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-15 


1-16 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-16 


1-17 


F oi warding 


Enabled 


Down 


TX 


10/Half 


1-17 


1 18 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1 18 


1-19 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-19 


1 20 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-20 


1-21 


P oiwaiding 


Enabled 


Down 


TX 


10/Half 


1-21 


1-22 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-22 


1-23 


Foiwaiding 


Enabled 


Up 


TX 


100/Half 


1-23 


1-24 


Foiwaiding 


Enabled 


Down 


TX 


10/Half 


1-24 


1-25 


Foiwaiding 


Enabled 


Down 


FX1000 


1000/FULL 


1-25 


1-26 


F oiwaiding 


Enabled 


Down 


FX1O0U 


1000/FULL 


1-26 


Module ■ Po 1 


State 


Port status 


Lmk status 


Type 


Mode 


Mo***™ 



Figure 5-8 Port Configuration table 
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Span Tree (Spanning Tree) Button 

Thisbutton openstheSpanningTreeProtocol (STP) Configuration page, 
which shows the STP Configuration of thelntraCore, as shown in Figure 5-9. 
STP configuration is explained in Chapter 4, "Advanced Management." Click 
theSTP Port Configuration button to display the STP Configuration settings 
for each port. 



Spanning Tree Protocol Configuration 


Budge ID; 8000 000094EE7410 




Global STP Status: | Enable 


H 


Designated Root 8000 000094933047 






Root Port: 4-4 
Root Path Cost; 120 


Bridge Priority: |32768 


(0-65535) 




Bridge Hello Tune: \Z 


(MO)Sec. 


Hello Time; 2 Sec. 
Maximum Age 20 Sec 
Fonvai (I Delay 15 Sec 


Budge Maimium Age 20 


(6-40)Sec. 


Budge Fonvaid Delay 1 5 


(4-30)Sec. 











Figure 5-9 Spanning Tree Configuration page 



▲ Important! Do N OT configureany STP parameters 
unless you have knowledge of and experiencewith thelEEE 
802. Id specification. 
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SNMP Button 

Thisbutton displays theSN M P (Simple Network M anagement Protocol) page, 
as shown in Figure 5-10. See"SN M P Configuration" in Chapter 3 for an 
explanation of SN M P settings. 



SNMP Configuration 



SNMP Re a (I 0 oiiumuuty public 
SNMP Write 
Coininunity: 



private 



Tiajj Authentication Disable 

SNMP Trap Receivers: 



IP Address 


Community 








|<ernp1y> 


<ernp1y> 




|<ernp1y> 


<ernp1y> 




<emp1y> 


<emp1y> 




<emp1y> 


<emp1y> 





Apply Changes 



Figu re 5-10 SN M P Configuration page 
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Addr (Address) Table Button 

TheAddrTable button openstheMAC and IP Address Table page, which 
displays two tables, as shown in Figure 5-11. The top table displays the counts 
of IP and MAC addresses for each port. The lower table displays IP and MAC 
addresses for either a particular port, or all ports. The display for all ports is 
shown in Figure 5-11. The activity status (Entry) and VLAN segment (VSEG) 
are also displayed for each device. 



MAC am 


IlPa 


duress Counts (Click on Port numb st to show Port-based addr table or All to show All Ports) 




SI 


i 


2 


AU 




HB1 










0 


0 


12 


0 


0 


23 


SS§ 


Module 2 Module 5 


1 | 2 | 3 | 4 | 3 | 6 | 7 | 8 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 20 21 22 23 24 All 



MAC and IP address Counts (Click on VLAN index number to show VLAN-based addr table) 


vmx 






vm 




1002 


ip 




0 


MAC 


22 


D 



Search for IP: ]0.0.0.0 ' Search for MAC: |00:00:00:00:00:00 E|J 



Port: All Address Table D = Dynamic, S= Static, * = Multiple IP 


itrmmnI3IBl 


331 


IP Address 


MAC Address | VSEgH 


3 


3 


D 


192.20334.1 


00 :E0 32:0 1:44:46 




self 


self 


I 


192.203.34.23 


00:00:94:EE:74:10 




3 


3 


D 


192.203.34.33 


00:00:947A:78:BA 




3 


3 


D 


192.203.34.77 


00:00:94:73:34:DE 




3 


3 


D 


192.203.34.97 


00:00:94:73:7F:O4 




3 


3 


D 


192.203.34.117 


00:00:94:73:69:E8 




3 


3 


D 


192.203.34.119 


00:00:94:3D:O0:57 




3 


3 


D 


192.203 34.132 


00:03:02:3B:43:A9 




5 


3 


D 


192.203.34.133 


00:00:94:9A:2F:lO 




3 


3 


D 


192 203 34 198 


00:00:94:73:44:9B 




3 


3 


D 


192.203.34.223 


OOA0:CC:2C:60:CB 




3 


3 


D 


192.203.34.234 


00:00:94:73:3B:2E 




3 


3 


D 




00:00:94:40:37:04 




3 


3 


D 




00:00:94:3D:E2:2B 




3 


3 


D 




00:00:94:3D:E2:8D 






3 


n 




nn-nn 047331 rm 





Figure 5-11 M AC and I P AddressTable page 

To see the MAC and IP addresses, the activity status, and the VLAN segment 
for the devices connected to a particular port, click the port's number in thetop 
table. Use the Search boxes to search for either an IP or MAC address on the 
IntraCore. 
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VLAN Button 

Thisbutton openstheVLAN Groups page, as shown in Figure 5-12. Thepage 
shows the modules of the I ntraC ore 6524, and the ports that are assigned to the 
currently selected VLAN . For information about VLAN s, seeChapter 4. 

IntheVLAN Groups page, there is also a panel that showstheVID of each 
VLAN on the current switch. To select a VLAN , click the appropriate VI D . 




Figure 5-12 VLAN Groups page 

To configure the selected VLAN , click theVLAN button. To configure the 
ports for the selected VLAN , click the Ports button. 

Port Configuration 

Clicking the Ports button in theVLAN Groups page opens the VLAN Port 
Selection page, as shown in Figure 5-13. The page shows the modules of the 
I ntraC ore 6524. There is also apanel indicating thecurrent Port VLAN ID and 
its settings. 

To see and modify the settings for a port, click on the connector for it in the 
modulesimulation.Then make the appropriate settings in the right-hand panel 
of thepage. 
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Click a port to make selection 



pviij rr 



Z) 



□ I ngress Filter 

■'•) Tagged Frames Only 

O All Frames 



Figure 5-13 V LAN Port Selection page 



VLAN Configuration 

To configure a V LAN , first select a VID intheVLAN G roups page (Figure 5- 
12), then click theVLAN button. This opens the VLAN Group Configuration 
options page, as shown in Figure 5-14. 



VLAN Group 1 Configuration 



Create 



Modify 
Remove 



AdoVDel Members 



Add/Del MACAddr 



BACK 



Figure 5-14 VLAN Group Configuration options 
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Creating or Modifying a VLAN 

To create or modify the basic attributes of a VLAN group, click theCreateor 
Modify button intheVLAN Group Configuration dialog box. TheVLAN 
Attributes dialog box is displayed, as shown in Figure 5-15. 



VLAN Attributes 



V I D 
Name 
F I D 



1001 



rnyVlan 



] 

I - share 



I - Management Access 



jjy 

Figure 5-15 VLAN Attributes dialog box 
Enter or change the basic attributes, then click OK. 
Removing a VLAN 

To removeaVLAN from thecurrent switch, click Removein theVLAN Group 
Configuration dialog box. Thisremoves theVLAN you selected atthetimeyou 
clicked VLAN intheVLAN Groups dialog page (Figure 5-12). You will see a 
dialog box asking you to confirm your decision to remove theVLAN . 

Adding and Deleting Port Members 

To add ports to or delete ports from thecurrent VLAN , click the Add/Del 
M embers button in theVLAN Group Configuration dialog box. This displays 
theAdd/DeletePort M ember dialog box, as shown in Figure 5-16. 

In the right-hand panel you can select theoption to show theportsthat arein 
the untagged set or the tagged set of theVLAN . These ports appear in the 
modulesimulation on the left. Darkened ports arenot members. Ports with a 
green X are untagged members. Ports with a green dot are tagged members. 
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To modify the port members: 

1 Select the action you want to perform in the right-hand 
panel; Add/D elete Port M embers, Add/D elete U ntagged 
M embers, or M ove Port to C urrent V LAN , 

2 Click on a port to change its state: 

□ For Add/D elete Port M embers, clicking on a darkened 
port addsitto theVLAN , while clicki ng on aVLAN 
member deletes it. T he status of the port on any other 
VLAN remains unchanged. 

□ For Add/D elete Untagged M embers, clicking on a dark- 
ened port adds it to the untagged set, and clicking on a 
green dot changes it to an untagged port. Clicking on 
an untagged port changes it to a tagged port. The status 
oftheporton any other VLAN remains unchanged. 

□ M ove Port to Current VLAN isthesameasAdd/Delete 
Port M embers, except moving the port also removes the 
port from any other VLAN of which it is a member. 




Click the port to add/delete member 



□ Show Tagged Set 

□ Show Untagged Set 
Add/Del Port Members 

O AdaVDel untagged Member 
O Move Port to current VLAN 



Figure 5-16 Add/D elete Port M ember dialog box 

To add or delete M AC addresses for devices connected to the I ntraC ore 6524, 
click the Add/D el MAC Addr button in the VLAN Group Configuration 
dialog box. The dialog box shown in Figure 5-17 appears. 



Page 5-16 



VLAN Button 



Add Delete MAC Add re 5 5 



Group: fl~ZJ Port: fl 3 



(xk:kx:xk:kx:xk:kx) 




Figure 5-17 Add/D elete M AC Address dialog box 

When you have added or deleted theM AC address, theVLAN Group 
Configuration page is displayed again. 
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Security Button 

This button opens the Security page, which provides a summary of the security 
of each port on thelntraCore, as shown in Figure 5-18. The configuration page 
for any individual port can be accessed by single clicking on theassociated blue 
number in theM odule-Port column. 







Port Security Summary Table (d- Disable t- 


'lap L - Log) 




| Mod ule-Poit 


Type 




Tiusted MAC Add* 


i - 1 


NONE 


NONE 


NONE 






NONE 




1 - 3 


NONE 




NONE 


1 - 4 


NONE 


NONE 


NONE 


1-5 


NONE 


NONE 


NONE 


1 - 6 


NONE 


NONE 


NONE 


1 - 7 


NONE 


NONE 


NONE 


1 - 8 


NONE 


NONE 


NONE 


1 - S 


NONE 


NONE 


NONE 


1-10 


NONE 


NONE 


NONE 




1 - 11 


NONE 


NONE 


NONE 




1 - 12 


NONE 


NONE 


NONE 


1 - 13 


NONE 


NONE 


NONE 


1 - 14 


NONE 


NONE 


NONE 


1-15 


NONE 


NONE 


NONE 


1 - 16 


NONE 


NONE 


NONE 


1-17 


NONE 


NONE 


NONE 


1 - 18 


NONE 


NONE 


NONE 


1 - 1? 


NONE 


NONE 


NONE 


1-20 


NONE 


NONE 


NONE 


1 - 21 


NONE 


NONE 


NONE 


1 - 22 


NONE 


NONE 


NONE 


1 - £3 


NONE 


NONE 


NONE 


1 - 24 


NONE 


NONE 


NONE 




1 - 25 


NONE 


NONE 


NONE 




1 - 26 


NONE 


NONE 


NONE 




9 Click on the Mothde-Port number to set security level and action on Pott configuration 


setting page. 



Figure 5-18 Port Security summary table 
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Duplicate IP Button 

The Duplicate IP button lightsup if a Duplicate IP number has been detected 
on the system. Clicking the button opens the Duplicate IP Trap Log page, 
which, if thetrap isenabled, displays a record of duplicate IP Addresses 
detected. The Log shows the M AC address of the device that is the original or 
rightful owner of the I P address, and the M AC address of the spoofer device 
that is using a copy of the IP address. 







Dupl 


iriLt IP Tnp Log 

























Figure 5-19 D uplicate I P Trap Log page 

For more information on enabling the Duplicate IP trap, see "Enabling and 
Disabling Duplicated IP Trap" on page 4-11. 
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Contacting Technical Support 

To contact AsanteTechnical Support: 

Telephone (800) 622-7464 

Fax (801) 566-3787 

Fax-Back (800) 741-8607 

E-mail support@asante.com 

World W ide Web Site http://www.asante.com 

FTP site for RM ON information <ftp://ftp.isi.edu/in-notes/rfcl757.txt> 

Technical Support H ours 

6:00 a.m. to 5:00 p.m. Pacific Standard Time USA, M onday- Friday. 
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MIB Object Definitions for Counters 

T he following M IB objects are those for which counters are displayed in the 
Statistics Counters screens shown in both theconsoleand Web interface. The 
definitions and references are quoted from RFC 1516. 

Readable Frames 

"This object is the number of frames of valid frame length that have been 
received on this port. T his counter is incremented by one for each frame 
received on this port whose OctetCount is greater than or equal to 
minFrameSizeand less than or equal to maxFrameSize(Ref: IEEE 802.3 Std, 
4.4.2.1) and for which theFCSError and CollisionEvent signals are not 
asserted. 

This statistic provides one of the parameters necessary for obtaining the packet 
error rate. The approximate minimum time for rollover of this counter is 80 
hours." 

Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aReadableFrames 
Readable Octets 

"T his object isthenumberof octets contained in valid frames that have been 
received on thisport. This counter is incremented by OctetCount for each 
frame received on thisport which has been determined to be a readable frame 
(i.e., including FCS octets but excluding framing bits and dribble bits). 

This statistic provides an indicator of the total data transferred. The 
approximate minimum time for rollover of this counter is 58 minutes." 

Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aReadableOctets 
FCS Errors 

"This counter is incremented by one for each frame received on thisport with 
theFCSError signal asserted and theFramingError and CollisionEvent signals 
deasserted and whose OctetCount isgreaterthan or equal to minFrameSizeand 
less than or equal to maxFrameSize(Ref: 4.4.2.1, IEEE 802.3 Std). 



Page B-1 



The approximate minimum time for rollover of this counter is 80 hours." 
Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aFrameCheckSequenceErrors 

Alignment Errors 

"This counter is incremented by oneforeach frame received on thisport with 

the FCSError and FramingError signals asserted and CollisionEvent signal 

deasserted and whose OctetCount isgreaterthan or equal to minFrameSizeand 

less than or equal to maxFrameSize(Ref: IEEE 802.3 Std, 4.4.2.1). If 

rptrM onitorPortAlignmentErrors is incremented then the 

rptrM onitorPortFCSErrors Counter shall not be incremented for the same 

frame. 

The approximate minimum time for rollover of this counter is 80 hours." 
Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aAlignmentErrors 

Frame Too Longs 

"Thiscounterisincremented by oneforeach frame received on thisport whose 
OctetCount isgreaterthan maxFrameSize(Ref: 4.4.2.1, IEEE 802.3 Std). If 
rptrM onitorPortFrameTooLongs is incremented then neither the 
rptrM onitorPortAlignmentErrors nor the rptrM onitorPortFCSErrors counter 
shall be incremented for the frame. 

The approximate minimum time for rollover of this counter is 61 days." 
Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aFramesTooLong 

Short Events 

"Thiscounterisincremented by oneforeach CarrierEvent on thisport with 
ActivityD uration less than ShortEventM axTime. ShortEventM axTimeis 
greater than 74 bit timesand less than 82 bit times. ShortEventM axTi me has 
tolerances included to providefor circuit losses between a conformance test 
point at theAU I and the measurement point within the state machine. 

Note: shortEvents may indicate externally generated noise hits which will cause 
the repeater to transmit Runts to its other ports, or propagate a colli si on (which 
may be late) back to the transmitting DTE and damaged frames to the rest of 
the network. 

Implementorsmay wish to consider selecting the ShortEventM axTi me towards 
the lower end of the allowed tolerance range to accommodate bit losses suffered 
through physical channel devices not budgeted for within this standard. 
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Theapproximateminimumtimeforroll over of this counter is 16 hours." 
Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aShortE vents 

Runts 

"This counter is incremented by oneforeach CarrierEvent on thisportthat 
meets oneof the following two conditions. Only onetest need be made. 

a) T he ActivityD uration isgreaterthan ShortEventM axTimeand less than 
ValidPacketM inTimeand the Colli si on Event signal is deasserted. 

b) TheOctetCount islessthan 64, the ActivityD uration isgreaterthan 
ShortEventM axTimeand the C ollisionEvent signal is deasserted. 
ValidPacketM inTimeisgreaterthan or equal to 552 bittimesand less than 565 
bit times. 

An event whose length i s greater than 74 bit times but less than 82 bit times 
shall increment either the shortE vents counter or the runts counter but not 
both. A CarrierEvent greater than or equal to 552 bit times but less than 565 
bit ti mes may or may not be counted as a runt. 

ValidPacketM inTime has tolerances included to providefor circuit losses 
between a conformance test point at the AU I and the measurement point 
within the state machine. 

Runts usually indicate collision fragments, a normal network event. In certain 
situations associated with largediameter networks a percentage of collision 
fragments may exceed ValidPacketM inTime. 

The approximate minimum time for rollover of this counter is 16 hours." 
Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aRunts 

Collisions 

"Thiscounterisincremented by onefor any CarrierEvent signal on anyportfor 
which the Colli si on Event signal on thisport is also asserted. 

The approximate minimum time for rollover of this counter is 16 hours." 

Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aCollisions 

Late Events 

"This counter is incremented by oneforeach CarrierEvent on thisport in 
which theCollln(X) variable transitions to thevalueSQE (Ref: 9.6.6.2, IEEE 
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802.3 Std) whilethe ActivityD uration isgreaterthan theLateEventThreshold. 
Such aCarrierEvent is counted twice, as both a collision and asa lateEvent. 

TheLateEventThreshold isgreaterthan 480 bit times and less than 565 bit 
times. LateEventThreshold has tolerances included to permit an 
implementation to build a single threshold to serve as both the 
LateEventThreshold and ValidPacketM inTime threshold. 

The approximate minimum time for rollover of this counter is 81 hours." 

Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aLateEvents 

Very Long Events 

"This counter is incremented by oneforeach CarrierEvent on thisport whose 
ActivityD uration isgreaterthan theM AU Jabber Lockup Protection timer 
TW3 (Ref: 9.6.1 & 9.6.5, IEEE 802.3 Std). 

Other counters may be incremented as appropriate." Reference: IEEE 802.3 
Rptr M gt, 19.2.6.2, aVeryLongEvents 

D.R. Mismatches 

"Thiscounter isincremented by oneforeach frame recdved on thisport that 
meets all of the following conditions: 

a) The Colli si on Event signal isnot asserted. 

b) The ActivityD uration isgreaterthan ValidPacketM inTime. 

c) The frequency (data rate) is detectably mismatched from the local transmit 
frequency. 

The exact degree of mismatch is vendor specific and is to be defined by the 
vendor for conformance testing. 

W hen this event occurs, other counters whose increment conditions were 
satisfied may or may not also be incremented, at theimplementor'sdiscretion. 
W hether or not the repeater was able to maintain data integrity is beyond the 
scope of this standard." 

Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aDataRateM ismatches 
Auto Partitions 

"T his counter is incremented by one for each time the repeater has 
automatically partitioned thisport. Theconditionsthat cause port partitioning 
are specified in the partition state machine in Section 9 [IEEE 802.3 Std]. They 
are not differentiated here." 

Reference: IEEE 802.3 Rptr M gt, 19.2.6.2, aAutoPartitions 
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Total Errors 

"The total number of errors which have occurred on this port. This counter is 
the summation of the values of other error counters (for the same port), 
namely: 

rptrM on i torPortF C SE rrors, 

rptrM onitorPortAlignmentE rrors, 

rptrM onitorPortFrameTooLongs, 

rptrM onitorPortShortE vents, 

rptrM onitorPortLateE vents, 

rptrM onitorPortVeryLongEvents, and 

rptrM onitorPortDataRateM ismatches. 

Thiscounter isredundant in the sense that it is the summation of information 
already available through other objects. H owever, it is included specifically 
because the regular retrieval of this object as a means of tracking the health of a 
port provides a considerable optimization of network management traffic over 
the otherwise necessary retrieval ofthesummed counters." 
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